ei.front.dev.1xpay.space Open in urlscan Pro
2606:4700:20::681a:5c2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ei.front.dev.1xpay.space/
Submission: On March 19 via api (March 19th 2024, 8:42:57 pm UTC) from US — Scanned from US

Summary HTTP 19 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 19 HTTP transactions. The main IP is 2606:4700:20::681a:5c2, located in United States and belongs to CLOUDFLARENET, US. The main domain is ei.front.dev.1xpay.space.
TLS certificate: Issued by E1 on March 18th 2024. Valid for: 3 months.

This is the only time ei.front.dev.1xpay.space was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
17	2606:4700:20:... 2606:4700:20::681a:5c2		13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2

17 2606:4700:20::681a:5c2 (United States)

ASN13335 (CLOUDFLARENET, US)

ei.front.dev.1xpay.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	1xpay.space ei.front.dev.1xpay.space	4 MB
0	usedesk.ru Failed lib.usedesk.ru Failed
0	googletagmanager.com Failed www.googletagmanager.com Failed
19	3

	Domain	Requested by
17	ei.front.dev.1xpay.space	ei.front.dev.1xpay.space
0	lib.usedesk.ru Failed	ei.front.dev.1xpay.space
0	www.googletagmanager.com Failed	ei.front.dev.1xpay.space
19	3

This site contains links to these domains. Also see Links.

Domain
exnode.io
pay.exnode.io
t.me

Subject Issuer	Validity	Valid
ei.front.dev.1xpay.space E1	`2024-03-18` - `2024-06-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ei.front.dev.1xpay.space/
Frame ID: 852F38F162748EF7BFAFF9BEDF7980B6
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Advanced Cryptocurrency Payment Processing Gateway

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

Page Statistics

19
Requests

89 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

4266 kB
Transfer

4878 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://exnode.io/

Search URL Search Domain Scan URL

URL: https://pay.exnode.io/register
Title: Personal Account

Search URL Search Domain Scan URL

URL: https://t.me/exnode_crypto

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ei.front.dev.1xpay.space/ 6 KB
3 KB 593ms
191ms Document
text/html 2606:4700:20::681a:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ei.front.dev.1xpay.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

860a198b505bdcbf024c63957eb6110c2128d3eae49908c3d0146b4447cfcac9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 86704a9a7b9a67c9-MIA
content-disposition: inline; filename="index.html"
content-encoding: br
content-security-policy: default-src 'self'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Tue, 19 Mar 2024 20:42:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ePfhxX0l6yXE%2Fq5LNQngdHuKRnIYFLm2hwxAZxgxO%2FQXORJ8djGSbz87%2BbmlBrk4cmTLtc6ba1G%2F9CYUpP5EMogh6qg5EVpY50g6zFVZcRcXxcEb5ArlDPUcOnMiyEPY6rersKtFVrXGmD9y5BHu8SkHoPouEw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 index-58bae510.js Show response
ei.front.dev.1xpay.space/assets/ 289 KB
92 KB 201ms
199ms Script
application/javascript 2606:4700:20::681a:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ei.front.dev.1xpay.space/assets/index-58bae510.js

Requested by

Host: ei.front.dev.1xpay.space
URL: https://ei.front.dev.1xpay.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23e0299fb3ebe18720dad67c74a038044f68459393fe453305913f262c7ed79e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ei.front.dev.1xpay.space/
Origin: https://ei.front.dev.1xpay.space
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 20:42:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; upgrade-insecure-requests;
content-encoding: br
content-disposition: inline; filename="index-58bae510.js"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"150016133076b8d498c6dee875bef54338c4878b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u87KOmnQjgERLeJCgWf7d8ROWAoF49k9VsLZdwUEgFn5otmtgBfUFBBCjMee68wr413B5v35qNjZIHo3usWSIhHYuVpkPztzL8ldlcJtOJ1d8fzIG7CIEwrEbkOLNBUTZT2Y34EdZn3aE3NxuyBN8zsO8Y%2BuGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86704a9bcde267c9-MIA

GET
H2 200 index-ae78023e.css
ei.front.dev.1xpay.space/assets/ 14 KB
3 KB 175ms
174ms Stylesheet
text/css 2606:4700:20::681a:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ei.front.dev.1xpay.space/assets/index-ae78023e.css

Requested by

Host: ei.front.dev.1xpay.space
URL: https://ei.front.dev.1xpay.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae78023ea655699bc48e73703f0fecbea7783d84feba84286798a4faffca8944

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ei.front.dev.1xpay.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 20:42:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; upgrade-insecure-requests;
content-encoding: br
content-disposition: inline; filename="index-ae78023e.css"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"cd6f41b3b9ee2d6aba3e07625d38082fb7784f67"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8cHRJKkgLnZe%2B4Kzjerxv8Gh4L7MLdqxNT%2B4P%2Fm0AC42ZTRtswpgILqn3lIiyNQC6bK7bzUppTaQxzVPbte1DFhEB31hEWFnvYsWM51D60qJhI7c9PwRobq5rFqRb6hP0XR9GMFF9H0OHxSdklWwugHdFRiaEw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86704a9bcddf67c9-MIA

GET js
www.googletagmanager.com/gtag/ 0
0

GET widget_166758_51373.js
lib.usedesk.ru/secure.usedesk.ru/ 0
0

GET
H2 200 frame-cda2a61b.svg
ei.front.dev.1xpay.space/assets/ 7 KB
4 KB 171ms
171ms Image
image/svg+xml 2606:4700:20::681a:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ei.front.dev.1xpay.space/assets/frame-cda2a61b.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda2a61b82a485b3041598312dba10300e283cce0f3c2b13eedf1c06c2b23bba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ei.front.dev.1xpay.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 20:42:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; upgrade-insecure-requests;
content-encoding: br
content-disposition: inline; filename="frame-cda2a61b.svg"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"6031efa6c3b136f64dd1929c50707c1147bacc67"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JeodVEeR%2BR0Tcwf55pP5nwKmnejvM41r%2FTriMGfzo9CCw8vnCGW1XMpBaPAgF8JOmZ7oHA17wt28uZnkJhpChNknih%2FbXbaSNVnidoAjTp%2BfVy2nRwCHzxgKLMhhifK5%2BpXkLyZ0ysz2QNOYj9K7K%2BOG9LujIw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86704a9d996b67c9-MIA

GET
H2 200 Checkbox-1b8d03a4.svg
ei.front.dev.1xpay.space/assets/ 2 KB
1 KB 180ms
176ms Image
image/svg+xml 2606:4700:20::681a:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ei.front.dev.1xpay.space/assets/Checkbox-1b8d03a4.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b8d03a4d16a4233c475f0fee090213945ce666dbd8457f30f3a8c57843cc91b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ei.front.dev.1xpay.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 20:42:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; upgrade-insecure-requests;
content-encoding: br
content-disposition: inline; filename="Checkbox-1b8d03a4.svg"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"9f4dc2c91e2a78a11957050b1cf6008e541c80fa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VxHjs3Kj4Zs9M6GqKruz2fRHW6aYYn6uR%2F9CWxqda3JmkLBh2lNWHxn3ksT%2F9u8BpA60WT2qZwmS5aXV%2FTec3zWNXq6jBCoKmBrUHRpo5MNlFMNc3Lr%2FBb52fyzqpfi5jiuUBcvXgRxwiyLTvUKC41L2pn95Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86704a9da97a67c9-MIA

GET
H2 200 telegram-e0b076f5.svg
ei.front.dev.1xpay.space/assets/ 2 KB
2 KB 180ms
177ms Image
image/svg+xml 2606:4700:20::681a:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ei.front.dev.1xpay.space/assets/telegram-e0b076f5.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0b076f5891cea5614b0f2507c6c6c9d1712a4ea7242f31b18eb66236f936796

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ei.front.dev.1xpay.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 20:42:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; upgrade-insecure-requests;
content-encoding: br
content-disposition: inline; filename="telegram-e0b076f5.svg"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"5057c7227996d03aaa1cecbb650bffdafc310462"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e5TTNcUQIvAeMsdb%2FozAJFzRMsMlMdOgbPxDToY9QXdq30e2JBK4bKWDcekTxfjK7%2FB7SIknPICFpONVbTRaCrcKD%2F%2ByCb%2B7ANygsMJ4S29lk8yZQh%2Fx23jqh1RA%2BnDdUo9ZF96shyoIj8BNThxuyuBbeCcXEg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86704a9da97b67c9-MIA

GET
H2 200 introduceEN-ca6a3b75.svg
ei.front.dev.1xpay.space/assets/ 726 KB
476 KB 223ms
220ms Image
image/svg+xml 2606:4700:20::681a:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ei.front.dev.1xpay.space/assets/introduceEN-ca6a3b75.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca6a3b753529ecd46875367a97077e3b1bacb7b14dac462b006a714d6b8b3744

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ei.front.dev.1xpay.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 20:42:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; upgrade-insecure-requests;
content-encoding: br
content-disposition: inline; filename="introduceEN-ca6a3b75.svg"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"fcfd2683423a4bed44ef267b503decede5b70c2b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KasAyQW7qpFoRDiWgc4ZaIF5opZzii0QGMNwVRNQRZlu1hvVrpmvWShtQ%2BEkMwzx20ipB0O49H81V0Wg7Od5Q6IW8gl5m3Hsf%2Fy%2FxsuYWxShASyq8lJ7T6UWIBHxAJj0rZsb%2FutZJDghwQXndjlCpGfCAU6NGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86704a9da97c67c9-MIA

GET
H2 200 Checkboxblack-240164ac.svg
ei.front.dev.1xpay.space/assets/ 2 KB
1 KB 177ms
174ms Image
image/svg+xml 2606:4700:20::681a:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ei.front.dev.1xpay.space/assets/Checkboxblack-240164ac.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

240164ace1bf84838fdda8c31d30d5238f49b50f9e5d394c80fc28a74d838fff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ei.front.dev.1xpay.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 20:42:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; upgrade-insecure-requests;
content-encoding: br
content-disposition: inline; filename="Checkboxblack-240164ac.svg"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"e227405202a94123e9a06afdaab0078d82d60141"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GU2k7y6OipwzFLjNga6%2B0Kyf3Z0JAddILXC48l2GNPkaZcjyPtBOesOCM7IZaPe31il26XDcy8RfOJoUeRJAi2DPQcM8pQDax1VlaIBdMmkRRxNhAnz8akUZNOI%2Be%2BJmlIr2G53zU96kYORWPj9WO4lyj4%2FT7A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86704a9da97d67c9-MIA

GET
H2 200 lk3EN-3b994aac.png
ei.front.dev.1xpay.space/assets/ 199 KB
200 KB 180ms
178ms Image
image/webp 2606:4700:20::681a:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ei.front.dev.1xpay.space/assets/lk3EN-3b994aac.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3723062d024b5e611636ec645e9745dacaf048c2fe1a699a0de1528fd157402b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ei.front.dev.1xpay.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 20:42:52 GMT
content-security-policy: default-src 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=384281
content-disposition: inline; filename="lk3EN-3b994aac.webp"
content-length: 203748
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "c9db7be4f74322de62ec57f30010011d5091065c"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sTyp9oG7UaRjJvxvi8GYxTqQEKt4oTQyAHtv%2BMmi%2F8yoGrxvcdEx1MhdiJo%2F8W7oZCCDoQoMP2kGznBYoHMR0aMT8mWsUtM6sqwMop2jooX9dKdUCagWhltcUfUw%2BB9mIr1lzwaVIXdOmI9cslz2juwQWvJbdw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86704a9da97f67c9-MIA

GET
H2 200 unipayEN4-9e7dfc36.svg
ei.front.dev.1xpay.space/assets/ 138 KB
51 KB 682ms
680ms Image
image/svg+xml 2606:4700:20::681a:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ei.front.dev.1xpay.space/assets/unipayEN4-9e7dfc36.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e7dfc36ac7feaacfe99429f10dab1a5b3ec76b55709528f9138d4b626407ffc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ei.front.dev.1xpay.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 20:42:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; upgrade-insecure-requests;
content-encoding: br
content-disposition: inline; filename="unipayEN4-9e7dfc36.svg"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"c65355547280d5e424bd0bcecb5992b357ded3cf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GT0Vh7wNRagNdo3KxAt4K3jthE%2FQyRZAWh8xDNRsIP6fhWluDVmPSBkpALmX0pQK0MiaR9FdnOdjOMgPJX4G1FYx0wNkcCw0vQhnQDTADLH0a29l311m90wh27O29ensXcvVJQV6mIbN3RrFtOSzQwzy8iAWXg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86704a9da98167c9-MIA

GET
H2 200 0EN-679826f6.png
ei.front.dev.1xpay.space/assets/ 60 KB
61 KB 180ms
178ms Image
image/webp 2606:4700:20::681a:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ei.front.dev.1xpay.space/assets/0EN-679826f6.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1741975a346aab4a966c5f04f3087c7511e420ebf2ab9a8ac8912fb94b9f5c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ei.front.dev.1xpay.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 20:42:52 GMT
content-security-policy: default-src 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=85263
content-disposition: inline; filename="0EN-679826f6.webp"
content-length: 61592
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "aee9cbccda811b186513e1a9e2d99e0429905d6b"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KyPb7M2H8IGk%2FRpkcXV%2F3osbq0G0MIBfElyCAGk1mV6LQ9PLdZLWEG6HWmce2aHxd%2F8LTOYcEYD3stSFCOP%2FJJYkq4SeCD3jnQYorbkHY0YnwfANcVbhgRxjED3iqEikhBR61iMkWXnQPSKtCjvdvx57YJHQlA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86704a9da98367c9-MIA

GET
H2 200 aboutEN2-c27d5e3f.svg
ei.front.dev.1xpay.space/assets/ 184 KB
120 KB 212ms
211ms Image
image/svg+xml 2606:4700:20::681a:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ei.front.dev.1xpay.space/assets/aboutEN2-c27d5e3f.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c27d5e3fa149e41459e9a20edb44a22f507a588dbf80787d25be9bcaf743e7e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ei.front.dev.1xpay.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 20:42:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; upgrade-insecure-requests;
content-encoding: br
content-disposition: inline; filename="aboutEN2-c27d5e3f.svg"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"be4cb1d7b7e3a5734e95a6fa6d2731380d951bf1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mk2Kx7f5toTVSW827REkKgL5Vww9jrsqLP2hg8a1XtoI8RlfidUlo9bVGxLFbetjbFnieu05WDqjY6XgLL4YxJGE0i73HbeZ27kqtLb0D1DanzmG1V6wcb0DjSKlrrJ%2FKqHe9uk6WpBpKv82jrfP84H%2FBQ1JYg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86704a9da98567c9-MIA

GET
H2 200 check-4b36bd19.svg
ei.front.dev.1xpay.space/assets/ 244 B
556 B 517ms
516ms Image
image/svg+xml 2606:4700:20::681a:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ei.front.dev.1xpay.space/assets/check-4b36bd19.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b36bd19145670a60f86a27f1e80cfbf558e41bf5f4b60cd293a500c68388921

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ei.front.dev.1xpay.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 20:42:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; upgrade-insecure-requests;
content-encoding: br
content-disposition: inline; filename="check-4b36bd19.svg"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"ddb380de4aaa8516d46cb01bc2b5ac559a635e38"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bo1NWHD2YqR6ZVzAUJwxY3dsAn20ryGnQtKIdGLJYiQHk2oCvN63caYv%2FmQh5nM3HSFgbQVULYdUy1Ll0qftb96SRi0VqfLddWuKiR0quHzntcWnGU8CLRXjfg6VHejHPmMiX%2Fq7mMx6eC%2Bc%2BmM2bMTc%2BRSjMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86704a9da98a67c9-MIA

GET
H2 200 mail-bbc4c181.svg
ei.front.dev.1xpay.space/assets/ 880 B
836 B 216ms
215ms Image
image/svg+xml 2606:4700:20::681a:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ei.front.dev.1xpay.space/assets/mail-bbc4c181.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4c181e66a8d6c4d33616db0ca1654b22f6e9a214c21aad88a4626a7f209d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ei.front.dev.1xpay.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 20:42:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; upgrade-insecure-requests;
content-encoding: br
content-disposition: inline; filename="mail-bbc4c181.svg"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"9be84bb8554ca33905f8aaf7acea74acff14ab5a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eXHwxFNzARhoIiIe21fgZdWxpffJAnCM4JMGkIlXyNtVb5h%2B5iyTHJT5%2FKVjQeylb6gb%2BeMiBOXDMfQ6Af6Hfce9kFeG%2FRRe%2FbPZ4FaRPxdY3ujmz5Oiw%2Fjd3Z%2FLGRkJOd3zU%2F8Kz64lHFLBV5hcLjgBWKOTjg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86704a9dd9ea67c9-MIA

GET
H2 200 line-e7473b82.svg
ei.front.dev.1xpay.space/assets/ 668 B
774 B 245ms
244ms Image
image/svg+xml 2606:4700:20::681a:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ei.front.dev.1xpay.space/assets/line-e7473b82.svg

Requested by

Host: ei.front.dev.1xpay.space
URL: https://ei.front.dev.1xpay.space/assets/index-ae78023e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7473b82a2373b9106a734f14296d40fec8bc13034df0ac87669f79a26b9944b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ei.front.dev.1xpay.space/assets/index-ae78023e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 20:42:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; upgrade-insecure-requests;
content-encoding: br
content-disposition: inline; filename="line-e7473b82.svg"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"47d20ded2ae612c32757ff6f4ddd02e87b296c6f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g1IXHigUZh5YphR8prnU91Ojpt6z39If5V7QeEPODjX48ENrGikLH6Q3JAse63Z2hajG5Pq%2BRO8ZEn4VYyKniQauxosMQLDgDRkX%2BSk69%2BkcKz695%2F%2BpEb197TFMEYjDq%2BL95O7TgbQa7y6G5i63P4UeNtPsOg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86704a9dd9ed67c9-MIA

GET
H2 200 form4-051e13c4.png
ei.front.dev.1xpay.space/assets/ 3 MB
3 MB 215ms
214ms Image
image/png 2606:4700:20::681a:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ei.front.dev.1xpay.space/assets/form4-051e13c4.png

Requested by

Host: ei.front.dev.1xpay.space
URL: https://ei.front.dev.1xpay.space/assets/index-ae78023e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

051e13c4b25543b4af60ffeaa1c78bc037f786c2c27ee4555dd579bebbf2cf93

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ei.front.dev.1xpay.space/assets/index-ae78023e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 20:42:52 GMT
content-security-policy: default-src 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: status=input_too_large
content-disposition: inline; filename="form4-051e13c4.png"
content-length: 3324096
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "a374bc5d8bf998d3d7dab3a83f120ba6520ebe4f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GmllwKDZST6bNTApbpe8xp%2FmpQEyp9cwHv2aGYxmtpabiHSivJ0fy9oM7TV5Iei2QnQfp7QDS80GOJl%2BfZ2LVgPUfl6a1UAXH99KqDPzBcLoY0%2FzI555urbHE6ZuJ9yc9NJlDxL2%2BLysg4fQhy3NP0gUCNwQJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86704a9dd9ee67c9-MIA

GET
H2 200 start-95d22bf6.svg
ei.front.dev.1xpay.space/assets/ 687 B
1 KB 216ms
215ms Image
image/svg+xml 2606:4700:20::681a:5c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ei.front.dev.1xpay.space/assets/start-95d22bf6.svg

Requested by

Host: ei.front.dev.1xpay.space
URL: https://ei.front.dev.1xpay.space/assets/index-ae78023e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95d22bf6f0a5114958d91ad6c65fdf9e5656f2623ae4968bf4b8292e3e105d80

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ei.front.dev.1xpay.space/assets/index-ae78023e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 20:42:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self'; upgrade-insecure-requests;
content-encoding: br
content-disposition: inline; filename="start-95d22bf6.svg"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"dc69a73e01d2cc806357488c5c97c44d9236bb6a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CjHBn%2Bk%2F36q5V8v30ETSCit2iR7Ozb5jtq%2FD8nD7eVmSU%2Bj7lj0Vh2I5Q4sUyTZtYUx4Faw67fkGzo0wJ1M4F9iiV8%2FkCvvl2PVWwd4wWUdfcfrBtqqvVYV9VkhGG0wSiXpKgFVjHT3d5TDzvM8OchwoNR8a4A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 86704a9dd9f067c9-MIA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1FBKRPGL8R

Domain: lib.usedesk.ru
URL: https://lib.usedesk.ru/secure.usedesk.ru/widget_166758_51373.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://ei.front.dev.1xpay.space/(Line 4) Message: Refused to load the image 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABsAAAAbCAYAAACN1PRVAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAPtSURBVHgBlVZdaBRXFP7uZLMak00mIm26bWDaUhKwpisYJC2lEdpCXmJCqS1WaFTabqCltppSStdY+xYp2KeIGFDQh4igBsQg4q4PRtA8DPmR7IOyGo3RKNlkXSWJ2es5s9l1dudnkw+G+3PunO+en3vvEVgGVFVTi1f7WiBlAEJUCAlVCsRpPENjfQELkfjkWKyQHuEmXFf1YaOA6BRCNKIApJQRak5MTQ4fx0rIliw5TCTfY4WQkJEFubDTzlILmVpVq3mFN0xdzU6ZKPahqNQPz9oao+VxcuQI5HzCRAh96uHQxvx/PW5Eq99rhuL1waPWkPJaeFg5jfORSk7gefRUdhz661ftl593Bcgzui1ZPpGnsgYVD...Se7oMd6L6Me8iXuvk+dnKfv5LIjPjU45OP6y1yw32dtu7LsOnK/KqiiHmO09zusu0JwhVtu/ZgdjbhKFegRJR4TI/zG8QTpXXttnHSUmEjLk5g142MRuGC2OSkHjEShC7Lf9Lus25/7n4YYxdCboqMm37f786ms35us8Gq2T5w1utvaDEv4jSfvrzbyL7BGxdR/Y4fbuC48a2Rl42xxw+H3uVONvVL3mjYKURuZibp4DIR49rATRQCHwXe1Pr1S+8bFUWKVLZk5NlDrR8W8Q++vtS66q3NYeEtV/mW4C+DUYeYcFKwRcOjY0bLVmXWSiF/o1jFMmstNUjgT6nNT98LP+3frpnrigq6MQ4e7MDsTAIjt6KGwpmZNJEFZBETTT3IrbRsq6uqqoCWEqkD1F1xdUUKrwqptJktMsmcQaSNkkjp9H+GZZCkpDy+4rrRhlRbBL17QtCbBONJSlfEiJMCnSw5Z2dJPl4BcFqBtJKYj+QAAAAASUVORK5CYII=' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://ei.front.dev.1xpay.space/(Line 16) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-Z6Cl7qyHd/P5nKNWE4Di7jt2+j3pqRYWoPBcUsUJPoQ='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://ei.front.dev.1xpay.space/ Message: Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=G-1FBKRPGL8R' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://ei.front.dev.1xpay.space/(Line 37) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-X+n5IIhhMqusK6I8vvaZvaJWOSOjoIJZSJtvIImuvWs='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://ei.front.dev.1xpay.space/ Message: Refused to load the script 'https://lib.usedesk.ru/secure.usedesk.ru/widget_166758_51373.js' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://ei.front.dev.1xpay.space/(Line 58) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-9RBfCMFy4+KL3v+KLzsqpRIO6UrIe2Y+ALjJvrV2MUw='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://ei.front.dev.1xpay.space/(Line 110) Message: Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-+G3nzZjdU+7qEHnOKjHMD5ktis6NGdSuVDKQ3W2ggEw='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ei.front.dev.1xpay.space
lib.usedesk.ru
www.googletagmanager.com
lib.usedesk.ru
www.googletagmanager.com
2606:4700:20::681a:5c2
051e13c4b25543b4af60ffeaa1c78bc037f786c2c27ee4555dd579bebbf2cf93
1b8d03a4d16a4233c475f0fee090213945ce666dbd8457f30f3a8c57843cc91b
23e0299fb3ebe18720dad67c74a038044f68459393fe453305913f262c7ed79e
240164ace1bf84838fdda8c31d30d5238f49b50f9e5d394c80fc28a74d838fff
3723062d024b5e611636ec645e9745dacaf048c2fe1a699a0de1528fd157402b
4b36bd19145670a60f86a27f1e80cfbf558e41bf5f4b60cd293a500c68388921
860a198b505bdcbf024c63957eb6110c2128d3eae49908c3d0146b4447cfcac9
95d22bf6f0a5114958d91ad6c65fdf9e5656f2623ae4968bf4b8292e3e105d80
9e7dfc36ac7feaacfe99429f10dab1a5b3ec76b55709528f9138d4b626407ffc
ae78023ea655699bc48e73703f0fecbea7783d84feba84286798a4faffca8944
bbc4c181e66a8d6c4d33616db0ca1654b22f6e9a214c21aad88a4626a7f209d1
c27d5e3fa149e41459e9a20edb44a22f507a588dbf80787d25be9bcaf743e7e3
ca6a3b753529ecd46875367a97077e3b1bacb7b14dac462b006a714d6b8b3744
cda2a61b82a485b3041598312dba10300e283cce0f3c2b13eedf1c06c2b23bba
d1741975a346aab4a966c5f04f3087c7511e420ebf2ab9a8ac8912fb94b9f5c3
e0b076f5891cea5614b0f2507c6c6c9d1712a4ea7242f31b18eb66236f936796
e7473b82a2373b9106a734f14296d40fec8bc13034df0ac87669f79a26b9944b

ei.front.dev.1xpay.space Open in urlscan Pro 2606:4700:20::681a:5c2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

89 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

4266 kBTransfer

4878 kBSize

0 Cookies

3 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

7 Console Messages

Security Headers

Indicators

ei.front.dev.1xpay.space Open in urlscan Pro
2606:4700:20::681a:5c2 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

89 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

4266 kB
Transfer

4878 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions