www.paywfc.com Open in urlscan Pro
208.104.28.69 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://url6259.wfcorp.com/ls/click?upn=o0MvJGw5ssKU4ZPpByRdtpCLogm5U46L6h839SxfWfagnHFPsfgS96v1fsTvGVrjIxMs_dxI7-2FYa-2Fl2...
Effective URL:
https://www.paywfc.com/
Submission: On February 26 via manual (February 26th 2021, 1:41:11 am UTC) from US

Summary HTTP 18 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 18 HTTP transactions. The main IP is 208.104.28.69, located in Gastonia, United States and belongs to ROCK-HILL-TELEPHONE, US. The main domain is www.paywfc.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on December 23rd 2019. Valid for: 2 years.

This is the only time www.paywfc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.83 167.89.118.83	11377 (SENDGRID) (SENDGRID)
1 1	208.104.28.81 208.104.28.81	14615 (ROCK-HILL...) (ROCK-HILL-TELEPHONE)
9	208.104.28.69 208.104.28.69	14615 (ROCK-HILL...) (ROCK-HILL-TELEPHONE)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2	52.11.186.161 52.11.186.161	16509 (AMAZON-02) (AMAZON-02)
18	5

1 167.89.118.83 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x83.outbound-mail.sendgrid.net

url6259.wfcorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.104.28.81 (Gastonia, United States) 1 redirects

ASN14615 (ROCK-HILL-TELEPHONE, US)
PTR: 208-104-28-81.ded.rkhlsc.stat.comporium.net

wfpayaccounts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 208.104.28.69 (Gastonia, United States)

ASN14615 (ROCK-HILL-TELEPHONE, US)
PTR: 208-104-28-69.ded.rkhlsc.stat.comporium.net

www.paywfc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.11.186.161 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-186-161.us-west-2.compute.amazonaws.com

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	paywfc.com www.paywfc.com	391 KB
6	userway.org cdn.userway.org api.userway.org	27 KB
2	cloudflare.com cdnjs.cloudflare.com	82 KB
1	jquery.com code.jquery.com	24 KB
1	wfpayaccounts.com 1 redirects wfpayaccounts.com	127 B
1	wfcorp.com 1 redirects url6259.wfcorp.com	228 B
18	6

	Domain	Requested by
9	www.paywfc.com	www.paywfc.com
4	cdn.userway.org	www.paywfc.com cdn.userway.org
2	api.userway.org	cdn.userway.org
2	cdnjs.cloudflare.com	www.paywfc.com cdnjs.cloudflare.com
1	code.jquery.com	www.paywfc.com
1	wfpayaccounts.com	1 redirects
1	url6259.wfcorp.com	1 redirects
18	7

This site contains links to these domains. Also see Links.

Domain
www.ftc.gov
www.wfcorp.com
www.coag.gov
www.nyc.gov
www.wdfi.org

Subject Issuer	Validity	Valid
paywfc.com DigiCert SHA2 Extended Validation Server CA	`2019-12-23` - `2022-01-05`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
cdn.userway.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-05` - `2022-01-05`	a year	crt.sh
api.userway.org Amazon	`2020-12-02` - `2021-12-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.paywfc.com/
Frame ID: BB9266D6D9F08F1DA2C41B28ACD01B84
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://url6259.wfcorp.com/ls/click?upn=o0MvJGw5ssKU4ZPpByRdtpCLogm5U46L6h839SxfWfagnHFPsfgS96v1fsTvGVr... HTTP 302
https://wfpayaccounts.com/ HTTP 302
https://www.paywfc.com/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

18
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

5
IPs

3
Countries

523 kB
Transfer

863 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.ftc.gov/
Title: www.ftc.gov

Search URL Search Domain Scan URL

URL: https://www.wfcorp.com/ccpa/
Title: www.wfcorp.com/ccpa/

Search URL Search Domain Scan URL

URL: http://www.coag.gov/CAR
Title: WWW.COAG.GOV/CAR

Search URL Search Domain Scan URL

URL: http://www.nyc.gov/dcwp
Title: www.nyc.gov/dcwp

Search URL Search Domain Scan URL

URL: http://www.wdfi.org/
Title: www.wdfi.org

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://url6259.wfcorp.com/ls/click?upn=o0MvJGw5ssKU4ZPpByRdtpCLogm5U46L6h839SxfWfagnHFPsfgS96v1fsTvGVrjIxMs_dxI7-2FYa-2Fl2zVsY5-2Fh3X8lSTM9DByjFAQ2Nd-2BN-2FrsIy2WVuGE9aEZDe5-2FkBuydiptlNmCBkz5VqyZcuHuEGDvqv-2B-2BYaoDfXlU4gWTHjHZmRdAVKVK8LKBNk-2BPf8sqQFgrGIuLA360LWWd5HP7-2BagD6d9XGylq3muC1xdeZZnD2JBn5q8oEEh-2BRDzMxzV6fOQd-2BzXhebfs-2BdZFapElUP-2FDTtxc8k-2B39vGP30CwEvW6wACHe4gBNkpoS8kxWm7xOlBLnkzapOpt9qGUp4-2F-2BkYajfvBuuYSmZ110g7svQEgLCNbhaKA9HNdsrEvL6XTgHdjyn-2BPRjuffU3eFsN-2BIP05B4k-2BrVHjVUacPeWHIOrxXeJFuks4TCShWTR-2FOueySTODNavGihjLxP6rvcMcgrtjYyRKc-2FMKTs7a8jNT9gU-2Br5C7iqLcDueDAACAACvOR9MX6Qslprq3SFtDSxGb0kAyROaTE7e376DsL9JB4ll58YAA-3D HTTP 302
https://wfpayaccounts.com/ HTTP 302
https://www.paywfc.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.paywfc.com/
Redirect Chain

http://url6259.wfcorp.com/ls/click?upn=o0MvJGw5ssKU4ZPpByRdtpCLogm5U46L6h839SxfWfagnHFPsfgS96v1fsTvGVrjIxMs_dxI7-2FYa-2Fl2zVsY5-2Fh3X8lSTM9DByjFAQ2Nd-2BN-2FrsIy2WVuGE9aEZDe5-2FkBuydiptlNmCBkz5VqyZc...
https://wfpayaccounts.com/
https://www.paywfc.com/

31 KB
9 KB

741ms
129ms

Document
text/html

208.104.28.69
ROCK-HILL-TELEPHONE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paywfc.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.104.28.69 Gastonia, United States, ASN14615 (ROCK-HILL-TELEPHONE, US),

Reverse DNS

208-104-28-69.ded.rkhlsc.stat.comporium.net

Software

Microsoft-IIS/10.0 /

Resource Hash

1ed93990a1a202b599149949f78531e3b04e4ee018e44b2405d5f1b58576892c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.paywfc.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Thu, 22 Oct 2020 13:13:35 GMT
Accept-Ranges: bytes
ETag: "80a9a12575a8d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Date: Fri, 26 Feb 2021 01:40:46 GMT
Content-Length: 8941
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'
X-Content-Security-Policy: frame-ancestors 'self'
x-webkit-csp: frame-ancestors 'self'
Referrer-Policy: strict-origin-when-cross-origin

Redirect headers

Location: https://www.paywfc.com/
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 11ms
10ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.paywfc.com
URL: https://www.paywfc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paywfc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 01:40:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1912150
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
cf-request-id: 087d97eb9a000005c89d840000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9Q8%2FCv2X9tzkfVHYZ7VocejFMpGn%2FuPAo7XUj%2BLNu2OfIoSi%2Fv2WIoS0oZInv%2FSzo5yhjiaUTUXw6kMqEICq7PtCl%2BaC3UqFaYP%2Bz9Ad%2F60MzQ0L2CAnJ7gpIMblOXMbsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6275f5bf5c8c05c8-FRA
expires: Wed, 16 Feb 2022 01:40:46 GMT

GET
H/1.1 200
OK bootstrap.min.css
www.paywfc.com/css/bootstrap4.4.1/css/ 156 KB
24 KB 132ms
131ms Stylesheet
text/css 208.104.28.69
ROCK-HILL-TELEPHONE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paywfc.com/css/bootstrap4.4.1/css/bootstrap.min.css

Requested by

Host: www.paywfc.com
URL: https://www.paywfc.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.104.28.69 Gastonia, United States, ASN14615 (ROCK-HILL-TELEPHONE, US),

Reverse DNS

208-104-28-69.ded.rkhlsc.stat.comporium.net

Software

Microsoft-IIS/10.0 /

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paywfc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 01:40:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 23664
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 24 Jan 2020 13:18:52 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: "0638d2b8d2d51:0"
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Type: text/css
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
x-webkit-csp: frame-ancestors 'self'
X-Content-Security-Policy: frame-ancestors 'self'

GET
H/1.1 200
OK genericStyling.css
www.paywfc.com/css/ 6 KB
3 KB 369ms
128ms Stylesheet
text/css 208.104.28.69
ROCK-HILL-TELEPHONE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paywfc.com/css/genericStyling.css

Requested by

Host: www.paywfc.com
URL: https://www.paywfc.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.104.28.69 Gastonia, United States, ASN14615 (ROCK-HILL-TELEPHONE, US),

Reverse DNS

208-104-28-69.ded.rkhlsc.stat.comporium.net

Software

Microsoft-IIS/10.0 /

Resource Hash

d700d466bf362c4fb57b8176e64f4f1ae4a0ce400d13fc3d0d6ad7167c24b184

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paywfc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 01:40:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 2330
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 28 Jan 2020 15:41:40 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: "012cc6ef1d5d51:0"
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Type: text/css
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
x-webkit-csp: frame-ancestors 'self'
X-Content-Security-Policy: frame-ancestors 'self'

GET
H/1.1 200
OK index.css
www.paywfc.com/css/ 4 KB
2 KB 380ms
127ms Stylesheet
text/css 208.104.28.69
ROCK-HILL-TELEPHONE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paywfc.com/css/index.css

Requested by

Host: www.paywfc.com
URL: https://www.paywfc.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.104.28.69 Gastonia, United States, ASN14615 (ROCK-HILL-TELEPHONE, US),

Reverse DNS

208-104-28-69.ded.rkhlsc.stat.comporium.net

Software

Microsoft-IIS/10.0 /

Resource Hash

a49695660c17d017eb9d90a575c34fc2f2c6ea920a32064ff34e7615a1e9b779

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paywfc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 01:40:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 1432
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 28 Jan 2020 13:47:39 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: "804f3e81e1d5d51:0"
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Type: text/css
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
x-webkit-csp: frame-ancestors 'self'
X-Content-Security-Policy: frame-ancestors 'self'

GET
H/1.1 200
OK wf-logo-better.png
www.paywfc.com/images/ 7 KB
8 KB 385ms
130ms Image
image/png 208.104.28.69
ROCK-HILL-TELEPHONE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paywfc.com/images/wf-logo-better.png

Requested by

Host: www.paywfc.com
URL: https://www.paywfc.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.104.28.69 Gastonia, United States, ASN14615 (ROCK-HILL-TELEPHONE, US),

Reverse DNS

208-104-28-69.ded.rkhlsc.stat.comporium.net

Software

Microsoft-IIS/10.0 /

Resource Hash

9acf1ba83b122ae3434a2fd10890ddef508a1232f42e43dc4d29508f92c01782

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paywfc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 01:40:46 GMT
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 24 Jan 2020 13:18:52 GMT
Server: Microsoft-IIS/10.0
ETag: "0638d2b8d2d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Content-Length: 7545
Content-Security-Policy: frame-ancestors 'self'
Strict-Transport-Security: max-age=15768000; includeSubDomains
Accept-Ranges: bytes
x-webkit-csp: frame-ancestors 'self'
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors 'self'

GET
H/1.1 200
OK wf-logo-better-mobile.png
www.paywfc.com/images/ 6 KB
6 KB 147ms
130ms Image
image/png 208.104.28.69
ROCK-HILL-TELEPHONE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paywfc.com/images/wf-logo-better-mobile.png

Requested by

Host: www.paywfc.com
URL: https://www.paywfc.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.104.28.69 Gastonia, United States, ASN14615 (ROCK-HILL-TELEPHONE, US),

Reverse DNS

208-104-28-69.ded.rkhlsc.stat.comporium.net

Software

Microsoft-IIS/10.0 /

Resource Hash

482898023048f464eca6e7396c8a27697c9922a96111407559784512629e5490

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paywfc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 01:40:46 GMT
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 24 Jan 2020 13:18:52 GMT
Server: Microsoft-IIS/10.0
ETag: "0638d2b8d2d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Content-Length: 5713
Content-Security-Policy: frame-ancestors 'self'
Strict-Transport-Security: max-age=15768000; includeSubDomains
Accept-Ranges: bytes
x-webkit-csp: frame-ancestors 'self'
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors 'self'

GET
H2 200 jquery-3.4.1.slim.min.js Show response
code.jquery.com/ 69 KB
24 KB 26ms
10ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.slim.min.js
Requested by: Host: www.paywfc.com
URL: https://www.paywfc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f

Request headers

Origin: https://www.paywfc.com
Referer: https://www.paywfc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 01:40:46 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
etag: W/"5cca0c33-1157d"
vary: Accept-Encoding
x-hw: 1614303646.dop160.fr8.t,1614303646.cds209.fr8.hc,1614303646.cds260.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24328

GET
H/1.1 200
OK bootstrap.bundle.min.js Show response
www.paywfc.com/javascript/bootstrap4.4.1/js/ 79 KB
31 KB 388ms
135ms Script
application/javascript 208.104.28.69
ROCK-HILL-TELEPHONE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paywfc.com/javascript/bootstrap4.4.1/js/bootstrap.bundle.min.js

Requested by

Host: www.paywfc.com
URL: https://www.paywfc.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.104.28.69 Gastonia, United States, ASN14615 (ROCK-HILL-TELEPHONE, US),

Reverse DNS

208-104-28-69.ded.rkhlsc.stat.comporium.net

Software

Microsoft-IIS/10.0 /

Resource Hash

394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paywfc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 01:40:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 30906
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 24 Jan 2020 13:18:52 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: "0638d2b8d2d51:0"
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Type: application/javascript
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
x-webkit-csp: frame-ancestors 'self'
X-Content-Security-Policy: frame-ancestors 'self'

GET
H/1.1 200
OK genericJS.js Show response
www.paywfc.com/javascript/ 4 KB
2 KB 383ms
128ms Script
application/javascript 208.104.28.69
ROCK-HILL-TELEPHONE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paywfc.com/javascript/genericJS.js

Requested by

Host: www.paywfc.com
URL: https://www.paywfc.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.104.28.69 Gastonia, United States, ASN14615 (ROCK-HILL-TELEPHONE, US),

Reverse DNS

208-104-28-69.ded.rkhlsc.stat.comporium.net

Software

Microsoft-IIS/10.0 /

Resource Hash

03794f9bd3377cd62af5269eb8245c332a43651b5ccbca1ebbcaef2b526ee5b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paywfc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 01:40:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 1674
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 28 Jan 2020 15:41:12 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: "09c1b5ef1d5d51:0"
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Type: application/javascript
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
x-webkit-csp: frame-ancestors 'self'
X-Content-Security-Policy: frame-ancestors 'self'

GET
H2 200 widget.js Show response
cdn.userway.org/ 1 KB
986 B 96ms
27ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www.paywfc.com
URL: https://www.paywfc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 607bff5e86504edef8f18291a72c614a9cc6d57af686083fa2f6dd46fb77c1d4

Request headers

Referer: https://www.paywfc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 26 Feb 2021 01:40:46 GMT
via: 1.1 421d6f0c8b018cdf0b78f7d15df10d0c.cloudfront.net (CloudFront)
x-77-nzt-ray: Ol3O/VywotE=
age: 64
x-77-cache: HIT
x-cache: HIT
x-age: 1745
content-encoding: br
x-77-nzt: AcO1ryyjjZnv0QYAAA==
last-modified: Thu, 25 Feb 2021 14:10:02 GMT
server: CDN77-Turbo
etag: W/"9158b92bacde0c95e3ba3d480f3383a6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: FfbqM_uhs8vJiKLNwEf9rewTktkRVm7EfGRmjgkx1DCpJtoFiBbTLA==

GET
H/1.1 200
OK wf-bg.jpg
www.paywfc.com/images/ 305 KB
306 KB 129ms
129ms Image
image/jpeg 208.104.28.69
ROCK-HILL-TELEPHONE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paywfc.com/images/wf-bg.jpg

Requested by

Host: www.paywfc.com
URL: https://www.paywfc.com/css/genericStyling.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.104.28.69 Gastonia, United States, ASN14615 (ROCK-HILL-TELEPHONE, US),

Reverse DNS

208-104-28-69.ded.rkhlsc.stat.comporium.net

Software

Microsoft-IIS/10.0 /

Resource Hash

86e4fd65a63da16941dc0f1147ccbc9c049348165e9122aaa3bf61b2cd2bb583

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paywfc.com/css/genericStyling.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 01:40:46 GMT
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 24 Jan 2020 13:18:52 GMT
Server: Microsoft-IIS/10.0
ETag: "0638d2b8d2d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Content-Length: 312779
Content-Security-Policy: frame-ancestors 'self'
Strict-Transport-Security: max-age=15768000; includeSubDomains
Accept-Ranges: bytes
x-webkit-csp: frame-ancestors 'self'
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors 'self'

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 15ms
15ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paywfc.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 01:40:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 840755
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 087d97ed1d00000eab20831000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HAasOmVDZQe5hThM6Y5OcqKtkOxEIu1CRpMGOk%2BcvCKGxo0i%2B1hyFGVYmhYnrWu7Oi3hqfHl2oftfs3DXluhPcO9ObfTBR%2FXEikvLClxCIciDRcGIdWjiJyMcG1aByZWzA%3D%3D"}]}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6275f5c1cc360eab-FRA
expires: Wed, 16 Feb 2022 01:40:47 GMT

GET
H2 200 widget_app_base_1614262152861.js Show response
cdn.userway.org/widgetapp/2021-02-25/ 85 KB
23 KB 38ms
37ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2021-02-25/widget_app_base_1614262152861.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 284bb078d3a164a62b818a5599f1a3680612951fbc647b31671091eb88e3cc95

Request headers

Referer: https://www.paywfc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 26 Feb 2021 01:40:47 GMT
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
x-77-nzt-ray: PRa6OPd9zWE=
age: 8
x-77-cache: HIT
x-cache: HIT
x-age: 41413
content-encoding: br
x-77-nzt: AcO1ryw56V7vxaEAAA==
last-modified: Thu, 25 Feb 2021 14:10:01 GMT
server: CDN77-Turbo
etag: W/"a4fa0607d2306ccc7e1ee042aa2d968a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: P4Xxa1dm4GO3a_JcSl_F0ILqehjBJ5UE41VtrIt3jby_777zTRu6Ww==

POST
H2 200 CxA0Xrtdnd Show response
api.userway.org/api/tunings/ 519 B
676 B 604ms
202ms XHR
application/json 52.11.186.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/CxA0Xrtdnd
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2021-02-25/widget_app_base_1614262152861.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.11.186.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-11-186-161.us-west-2.compute.amazonaws.com
Software: _ / Express
Resource Hash: d1fee119c103d2f42dd4542f2085d083d76b147d542867b86322681f46a5db0d

Request headers

Referer: https://www.paywfc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 26 Feb 2021 01:40:47 GMT
content-encoding: gzip
etag: W/"207-+kkFsbHNE0kckjQzOz8r/kFtIz8"
server: _
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0
access-control-allow-headers: Authorization,Origin,X-Requested-With,Content-Type,Accept,Cache-Control,If-Modified-Since,Pragma,X-Auth-Language,X-Auth-Token,X-Spl-Token
expires: Fri, 26 Feb 2021 01:40:47 GMT

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 931 B
898 B 28ms
27ms Image
image/svg+xml 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

Referer: https://www.paywfc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 26 Feb 2021 01:40:48 GMT
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
x-77-nzt-ray: uI0YhzOY2TE=
age: 27
x-77-cache: HIT
x-cache: HIT
x-age: 725486
content-encoding: br
x-77-nzt: AcO1rywrDVDv7hELAA==
last-modified: Mon, 18 Jan 2021 11:14:30 GMT
server: CDN77-Turbo
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
content-type: image/svg+xml
cache-control: max-age=2592000, public
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: CV-BY_7bW-PVb5pCOUncpv0Hd90Ee4rZZqaQE9uECRspldtwg-l2EQ==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
941 B 28ms
28ms Image
image/svg+xml 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

Referer: https://www.paywfc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 26 Feb 2021 01:40:48 GMT
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
x-77-nzt-ray: cjWtb2G2BYc=
age: 28
x-77-cache: HIT
x-cache: HIT
x-age: 725486
content-encoding: br
x-77-nzt: AcO1ryxWPdfv7hELAA==
last-modified: Mon, 18 Jan 2021 11:14:30 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000, public
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: ka2p3-KsVuXALdVpCyX6vSUCS-o4fJV2nDYiuqQbMLW6YK_8zhvDOA==

GET
H2 200 status Show response
api.userway.org/api/seo-widget/v0/page/https%3A%2F%2Fwww.paywfc.com%2F/DESKTOP/WIDGET_OFF/ 77 B
295 B 202ms
202ms Fetch
application/json 52.11.186.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/seo-widget/v0/page/https%3A%2F%2Fwww.paywfc.com%2F/DESKTOP/WIDGET_OFF/status
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2021-02-25/widget_app_base_1614262152861.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.11.186.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-11-186-161.us-west-2.compute.amazonaws.com
Software: / Express
Resource Hash: d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

Referer: https://www.paywfc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 01:40:53 GMT
etag: W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 77
x-service-version: ba80cbe7b664d73782169eee7a0708b1ba4759b1

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.userway.org/widget.js(Line 1) Message: Loading for: https://www.paywfc.com

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
cdn.userway.org
cdnjs.cloudflare.com
code.jquery.com
url6259.wfcorp.com
wfpayaccounts.com
www.paywfc.com
167.89.118.83
2001:4de0:ac19::1:b:1b
208.104.28.69
208.104.28.81
2606:4700::6810:135e
2a02:6ea0:c700::1
52.11.186.161
03794f9bd3377cd62af5269eb8245c332a43651b5ccbca1ebbcaef2b526ee5b2
1ed93990a1a202b599149949f78531e3b04e4ee018e44b2405d5f1b58576892c
284bb078d3a164a62b818a5599f1a3680612951fbc647b31671091eb88e3cc95
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e
482898023048f464eca6e7396c8a27697c9922a96111407559784512629e5490
607bff5e86504edef8f18291a72c614a9cc6d57af686083fa2f6dd46fb77c1d4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
86e4fd65a63da16941dc0f1147ccbc9c049348165e9122aaa3bf61b2cd2bb583
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
9acf1ba83b122ae3434a2fd10890ddef508a1232f42e43dc4d29508f92c01782
a49695660c17d017eb9d90a575c34fc2f2c6ea920a32064ff34e7615a1e9b779
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
d1fee119c103d2f42dd4542f2085d083d76b147d542867b86322681f46a5db0d
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d700d466bf362c4fb57b8176e64f4f1ae4a0ce400d13fc3d0d6ad7167c24b184
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

www.paywfc.com Open in urlscan Pro 208.104.28.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

43 %IPv6

6 Domains

7 Subdomains

5 IPs

3 Countries

523 kBTransfer

863 kBSize

0 Cookies

5 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

www.paywfc.com Open in urlscan Pro
208.104.28.69 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

5
IPs

3
Countries

523 kB
Transfer

863 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions