urlscan.io logo urlscan.io
SecurityTrails logo

dpd-hr.www-paysite.site Open in urlscan Pro
2a06:98c1:3121::3  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://dpd-hr.www-paysite.site/zaba/591451443918
Effective URL: https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
Submission: On January 17 via manual from IT — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 69 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is dpd-hr.www-paysite.site.
TLS certificate: Issued by GTS CA 1P5 on January 13th 2024. Valid for: 3 months.
This is the only time dpd-hr.www-paysite.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Unicredit (Banking)

Domain & IP information

IP Address AS Autonomous System
1 44 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2a04:4e42:400... 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
3 185.155.208.1 205607 (ZABA-AS -...)
7 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a02:4780:9:1... 47583 (AS-HOSTINGER)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
69 9
44    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
dpd-hr.www-paysite.site
4    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
5    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    185.155.208.1 (Croatia)

ASN205607 (ZABA-AS ---HT---, HR)
PTR: www.zaba.hr
www.zaba.hr
7    2606:4700:3034::6815:4ca6 (United States)

ASN13335 (CLOUDFLARENET, US)
www-comp-pay.site
2    2a02:4780:9:1111:0:1aa4:22e8:2 (Vilnius, Lithuania)

ASN47583 (AS-HOSTINGER, CY)
pmtomrer.dk
1    2606:4700:e2::ac40:8507 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn2.iconfinder.com
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
44 www-paysite.site
dpd-hr.www-paysite.site
233 KB
7 www-comp-pay.site
www-comp-pay.site
36 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
3 KB
4 jquery.com
code.jquery.com — Cisco Umbrella Rank: 760
121 KB
3 gstatic.com
fonts.gstatic.com
250 KB
3 zaba.hr
www.zaba.hr — Cisco Umbrella Rank: 361164
1 KB
2 pmtomrer.dk
pmtomrer.dk
2 MB
1 iconfinder.com
cdn2.iconfinder.com — Cisco Umbrella Rank: 87769
12 KB
69 8
Domain Requested by
44 dpd-hr.www-paysite.site 1 redirects dpd-hr.www-paysite.site
code.jquery.com
7 www-comp-pay.site dpd-hr.www-paysite.site
code.jquery.com
5 fonts.googleapis.com dpd-hr.www-paysite.site
www-comp-pay.site
4 code.jquery.com dpd-hr.www-paysite.site
www-comp-pay.site
3 fonts.gstatic.com fonts.googleapis.com
3 www.zaba.hr dpd-hr.www-paysite.site
code.jquery.com
2 pmtomrer.dk www-comp-pay.site
1 cdn2.iconfinder.com dpd-hr.www-paysite.site
69 8

This site contains no links.

Subject Issuer Validity Valid
www-paysite.site
GTS CA 1P5		 2024-01-13 -
2024-04-12		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.zaba.hr
DigiCert EV RSA CA G2		 2023-08-30 -
2024-09-23		 a year crt.sh
www-comp-pay.site
GTS CA 1P5		 2024-01-10 -
2024-04-09		 3 months crt.sh
pmtomrer.dk
R3		 2023-12-04 -
2024-03-03		 3 months crt.sh
iconfinder.com
Cloudflare Inc ECC CA-3		 2024-01-13 -
2024-12-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
Frame ID: E00CE4C36DB32FFA25A1D1BD2EABAA3C
Requests: 56 HTTP requests in this frame

Frame: https://www-comp-pay.site/nwbt/bot-api/chat.php?chat_id=591451443918&service=dpdhu2.0
Frame ID: 643BE529B46C70D4FCAB1E3C804A96F2
Requests: 5 HTTP requests in this frame

Frame: https://www-comp-pay.site/nwbt/bot-api/chat.php?chat_id=591451443918&service=dpdhu2.0
Frame ID: EE5E134EEC9A5004838C2829E8D6DF1C
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Confirmation

Page URL History Show full URLs

  1. https://dpd-hr.www-paysite.site/zaba/591451443918 HTTP 302
    https://dpd-hr.www-paysite.site/zaba/591451443918 Page URL
  2. https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

69
Requests

99 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

9
IPs

4
Countries

2936 kB
Transfer

3618 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dpd-hr.www-paysite.site/zaba/591451443918 HTTP 302
    https://dpd-hr.www-paysite.site/zaba/591451443918 Page URL
  2. https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://dpd-hr.www-paysite.site/zaba/591451443918 HTTP 302
  • https://dpd-hr.www-paysite.site/zaba/591451443918

69 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
591451443918
dpd-hr.www-paysite.site/zaba/
Redirect Chain
  • https://dpd-hr.www-paysite.site/zaba/591451443918
  • https://dpd-hr.www-paysite.site/zaba/591451443918
20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/zaba/591451443918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60eb9f650f5b84dc2212fe4375a38b3b29b18920c7c66f135544ddc3eb5bc985

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
baloo-proxy
1.4
cf-cache-status
DYNAMIC
cf-ray
846f9960e99e4db4-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 17 Jan 2024 15:23:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FUVg0qwvArAZaBEHJVALkEtd39irFzrhfQiyXZgJm%2B9iH%2BpZcS7rgfeA6RV3G7SrIAj%2ByW7ImCKxuc7U%2FLhDiIwPOJyyR833gdlMd9yADWUEnFnabHopY%2Ftl1T6NiK7i2hFqg5YE2bQZQvGMbzw3Qaoki%2Fsww%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
baloo-proxy
1.4
cf-cache-status
DYNAMIC
cf-ray
846f9960a9374db4-FRA
content-type
text/html; charset=utf-8
date
Wed, 17 Jan 2024 15:23:23 GMT
location
/zaba/591451443918
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8SRvwTqXgWm7sUbdJ1%2FJ%2F2zFI3gZJNNMQzaFqpTF%2BNTjrzfgJ%2B0Vr5PBSXc2PallWYHjMBe1j0gbyrPzvaNQmVJi7MvPZvLDvd9bsC9l8QlHGSRPrADZv8jvWPFZ2QNcmBw5uHIC0EkhULGHkme0alRcyUlWg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
ruxitagentjs_ICA27NVfhjqrux_10275230919171419.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0
dpd-hr.www-paysite.site/zaba_files/ 		216 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/zaba_files/ruxitagentjs_ICA27NVfhjqrux_10275230919171419.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba/591451443918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7bf7b4521bd261cc83f4dfdcfbbb79e9a206a00f4347118ff0b24ce441bba35

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/zaba/591451443918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 15 Oct 2023 20:23:37 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"3619f-607c710806440-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89tDYsuyktagTCevFJQ3B77BTq2tDp06OftyW6EfF4V%2FJud0TRWqE%2FiA2ZcXYLWFS39DZI70fVcQNJkWMtP9%2BO5k0se5ryCaH7XvfAvbdm29ncP%2F1MHXsbW2EFA3T0EfTaPwN0hkCZTakgNeVnRwY742t6VXyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
baloo-proxy
1.4
cf-ray
846f9962ab8365fc-AMS
alt-svc
h3=":443"; ma=86400
lajsna.css
dpd-hr.www-paysite.site/zaba_files/ 		1 KB
961 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/zaba_files/lajsna.css
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba/591451443918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04520114101c07415ef81924f6a2d91cc9b750280d723074981d188d3dd2467f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/zaba/591451443918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 15 Oct 2023 20:23:37 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"522-607c710806440-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DumPaFZaDa6QT9GoEjrjoXxWj2f95mBmixzxLGU0zLjxvpAzKivfmMjzZ0prYID80ww9b0v9U3wemU0q28RS1wC6WL9ezCDCuiIts1wUmCpoMBWv%2F9SYNiHbq9pn44j%2BJf%2B6gnIj9WxXRYDOlADJliElcxukpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
846f9962ab8865fc-AMS
alt-svc
h3=":443"; ma=86400
eZaba.css
dpd-hr.www-paysite.site/zaba_files/ 		29 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/zaba_files/eZaba.css
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba/591451443918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
607c3303b29adec8f90c79aa253acf9c13d50c810b8c37b5836f19f2c07be0bf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/zaba/591451443918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 15 Oct 2023 20:23:37 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"7540-607c710806440-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8kkN1CHFi%2FCCd0c9rZMIKaGmAOCZlBgi2P19yZtfGggwN7bayAptm3wfApPHxajrR91TNh9LcNlORsKsuGVDq56%2Brrn9jObrWWDniwa2n1tbrOOp8Z0On%2BkbRbeijlzxRgMnPscxVygQXf6J4KwGAnw0bYBVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
846f9962ab8965fc-AMS
alt-svc
h3=":443"; ma=86400
zaba_hr.css
dpd-hr.www-paysite.site/zaba_files/ 		1 KB
970 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/zaba_files/zaba_hr.css
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba/591451443918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f383f7cad06ec67b238b17baa0a84d43c068196a038d0be2d9d833a5adba8eb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/zaba/591451443918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 15 Oct 2023 20:23:37 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"4ac-607c710806440-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWGCA%2BMDaqUYh%2BX9jk725P0Z1%2FgG3vwMIBT%2FvPmriDUn8bEsGPfp7LZvHlfIsigkXO5X7%2Btfs3ltO%2Fa5DM7rm0OF5zEi5E1jjfswFOwKwbTwJXJHrpjnx4XeorILbAM5ZNylJrLA%2FTiH%2F0u3BnmMJETy5JJIfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
846f9962ab8b65fc-AMS
alt-svc
h3=":443"; ma=86400
SEPA.css
dpd-hr.www-paysite.site/zaba_files/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/zaba_files/SEPA.css
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba/591451443918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad7f57cc53e7d436a595f3fce66759f66b16042c67969d5c6b7609ca91d643ae

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/zaba/591451443918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 15 Oct 2023 20:23:37 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"1f6e-607c710806440-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNqNGk50TIcSr8X7PRweRtZoQYMJ7BzgWumSJg7YKjlJKKlhJ1J40fb%2Fd6oO%2BMwjZ7o6mu5cIZpHIwgBq7A6cnrgvNET9x2BJWdxBIEu0FmJGm0A54qyCTP6OjTIT%2BWJt0H7ugVH4%2F9fZbdHCZtsvijgzJLeCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
846f9962ab8c65fc-AMS
alt-svc
h3=":443"; ma=86400
Utils.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0
dpd-hr.www-paysite.site/zaba_files/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/zaba_files/Utils.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba/591451443918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a036ea7aae63329abd8fc1750134aa15da4835230f5d180c481dbf094b2b31e1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/zaba/591451443918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 15 Oct 2023 20:23:37 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"65b5-607c710806440-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BdHtuHeqafL%2B9Bu89yB%2F6pS0j4ByyyfoWH9qtckcZev3IFBeJ3q%2FXTKhmk%2FM7HYSzSJDWcn5ivs7yhcRY2mA529859oioIwOSpVIjLWrySOUv7TvY2EKemb9z9wRToiI6DUCXSSVfmgY09eZPSiAYx70L3jcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
baloo-proxy
1.4
cf-ray
846f9962ab8d65fc-AMS
alt-svc
h3=":443"; ma=86400
Validations.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0
dpd-hr.www-paysite.site/zaba_files/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/zaba_files/Validations.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba/591451443918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9fadb4872c995a706b4d92307ab93e85453ecd002d49fe87f7a4546679ba96f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/zaba/591451443918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 15 Oct 2023 20:23:37 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"1df4-607c710806440-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bf6tta02LBW9g9txSsYa8yLpDHQb0Y7rpVfVrg9K%2F%2B606S6tUuOMOhshsbYhHsmiDqaDd0AHBMzUOSol6n%2FHRVFkncVHNrDvyB3%2FRFA5ThMMUxdfoyv6p2IhYsc%2Bp2XZll83hidrhjexIzWpNcLJdX2AoziPdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
baloo-proxy
1.4
cf-ray
846f9962ab8e65fc-AMS
alt-svc
h3=":443"; ma=86400
EntControl.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0
dpd-hr.www-paysite.site/zaba_files/ 		928 B
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/zaba_files/EntControl.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba/591451443918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5a658cb19a73536d318e8bcbeda5e0d090a98feb61a2db93add846f03747dc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/zaba/591451443918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 15 Oct 2023 20:23:36 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"3a0-607c710712200-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgJmliwU71k2XP%2BoiGhO4S1FB5wTki2WZ%2FhxdAYLBuCPHrD3xnz2UEBhGFWBC7Vf1JY1N2mQYbPmci2hEXV3KqgSRlUYA3R%2BmFQH14ohVcnuRfKPoMI5U6xGrjqlSush1uqRFpW56n86Qe8IoQgTriUzGmyh9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
baloo-proxy
1.4
cf-ray
846f9962ab8f65fc-AMS
alt-svc
h3=":443"; ma=86400
gLogin.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0
dpd-hr.www-paysite.site/zaba_files/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/zaba_files/gLogin.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba/591451443918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e31814c85eef4bdf1b569219a9cddbdaf2df0da41fffc6bc0ab09a3b91a357c0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/zaba/591451443918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 15 Oct 2023 20:23:37 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"622-607c710806440-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJCFeuhGB6bq4GqD4O53fZK6nuUg2HeXR%2BfM8klaUsY0Lh5MEElt8hl3VpNH4bwQgWVeWdBn%2FHEOCBOOXyBhvWIhGgU2HsPx2CR%2FHO0%2FUOoaUpcOk9gGrPclfh7QqAQV8moRi00wRGKXBM9uL9TD5LRm%2FrwmhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
baloo-proxy
1.4
cf-ray
846f9962ab9065fc-AMS
alt-svc
h3=":443"; ma=86400
jquery-3.5.1.min.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0
dpd-hr.www-paysite.site/zaba_files/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/zaba_files/jquery-3.5.1.min.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba/591451443918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/zaba/591451443918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 15 Oct 2023 20:23:37 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"15d86-607c710806440-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TLjDO8xYOThZPSqzCmXnoYgY3R96YSwrHihOQvqRB3vtzgfp31LxYEkMM8ecmvFscrvcbF6cNPpP7ccIW7xlVd6j75OmpGuMV9VfovDJb%2FxdLc20DVCKEaC8SMVdD0iOWWnP8UUIBUmie%2FOsHBEkjdxUf4Ftg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
baloo-proxy
1.4
cf-ray
846f9962ab9265fc-AMS
alt-svc
h3=":443"; ma=86400
jquery.blockUI.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0
dpd-hr.www-paysite.site/zaba_files/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/zaba_files/jquery.blockUI.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba/591451443918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f44614b9616b855c323f937e32312a94fb4cd3ed7c6cdd4ec08cb13382de4741

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/zaba/591451443918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 15 Oct 2023 20:23:37 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"5031-607c710806440-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02GA6j%2BaXUnXitVzKICtIGkjsuQcJY7ZFZNqXQBkzXPUGalcikwIFFbeu2ZDU%2FEfOVtVrs1rIWGP6KbXtdiYTAM0OdO8cO4Ww2RcZf5NqFACZVp1GlYEXU0CPjGBNHa8gl%2FxzT03CK9olhOC8uy3XGaGbRhq%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
baloo-proxy
1.4
cf-ray
846f9962ab9465fc-AMS
alt-svc
h3=":443"; ma=86400
jquery.pup.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0
dpd-hr.www-paysite.site/zaba_files/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/zaba_files/jquery.pup.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba/591451443918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
decb5f47afecc7bb9e3d911dcbba91afbab07f2304e8e777b9196d294078a443

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/zaba/591451443918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 15 Oct 2023 20:23:37 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"ac2-607c710806440-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBk40f88mtXFhmuOQjv3ZISzUKgjxOWUlFuigjehTvnmm72d628NvuIPS2n1PiCox74BoxTNlcRMXUUxppp5cLMfTqimjVQT6AQFEEeEkRNU7T6lPycItDJMjgDbt0X0FufS0BktVnpKgWIYPA00iUKptl7w0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
baloo-proxy
1.4
cf-ray
846f9962ab9565fc-AMS
alt-svc
h3=":443"; ma=86400
Logo.jpg
dpd-hr.www-paysite.site/zaba_files/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpd-hr.www-paysite.site/zaba_files/Logo.jpg
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba/591451443918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd37442deb721a6835cbaa3dcaa7353a926ab5ccedff29f1333e0ed1682ad298

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/zaba/591451443918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
13255
last-modified
Sun, 15 Oct 2023 20:23:37 GMT
proxy-cache
MISS
server
cloudflare
etag
"33c7-607c710806440"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YEPrsxrgCg24qsv3V2cQGOOX%2Fod4Mm2GQUhuPVbyKqQUsrMYj0wuCutZK7hpJSF0wcc6S2X0v39uAtgL7FL5HMmjQwzC9NVpruQdpgmqHYVA1WQ6Sr%2BqaRzMVNppQPVeryp8NYrIS1ENXHOjiu%2B5kLPHgeoI2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
baloo-proxy
1.4
accept-ranges
bytes
cf-ray
846f9962ab9665fc-AMS
468x60-m-zaba-ezaba-login.jpg
dpd-hr.www-paysite.site/zaba_files/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpd-hr.www-paysite.site/zaba_files/468x60-m-zaba-ezaba-login.jpg
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba/591451443918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf2916b8d69385a9a50c1c1ad4c40cdfbb7476f4efff49aed9bffedbf5fe197a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/zaba/591451443918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
41147
last-modified
Sun, 15 Oct 2023 20:23:36 GMT
proxy-cache
MISS
server
cloudflare
etag
"a0bb-607c710712200"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7pVcpyYbskmNgCPGtfRROut1%2FlOOHKJOXE9Hxc4V0nvJqACKtwuda2Y2awYcVkvNb3dQ08sS886TH9%2FAU6oBMZvPn1HwSfsMBcdGiuGwiveyHZeS7hUreCIP5QETepZxXmu0ZFqq1hXGYDGWNpZEONz53n5fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
baloo-proxy
1.4
accept-ranges
bytes
cf-ray
846f9962ab9865fc-AMS
email-decode.min.js
dpd-hr.www-paysite.site/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba/591451443918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/zaba/591451443918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2024 17:29:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65983c8b-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8PE5hX6elFtnHZCVquni0%2F71kY48NtL%2FHz%2BKFojvDaqAiu6Xhr4AwoXJepz7FyTeM1QiQoeZ2fUi%2F0OgyolO990Z8BGJoeLC7rrFWV%2F8eQIil7CCpEpM07QIqZuD3g7Z0IfpyA2MWWtiYPXmqfcD49wvGWa1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
846f99639cfa65fc-AMS
expires
Fri, 19 Jan 2024 15:23:24 GMT
jquery-3.6.1.min.js
code.jquery.com/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.1.min.js
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba/591451443918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer
https://dpd-hr.www-paysite.site/
Origin
https://dpd-hr.www-paysite.site
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
6121490
x-cache
HIT, HIT
content-length
30957
x-served-by
cache-lga13629-LGA, cache-ams21060-AMS
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1705505004.138718,VS0,VE0
etag
W/"28feccc0-15e40"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
5, 85719
chat.css
dpd-hr.www-paysite.site/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/chat.css
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba/591451443918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76b631236e00fdd55837e540e668f88aae9faafadd5e1d20a30aa27ed59754da

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/zaba/591451443918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 15 Oct 2023 19:31:25 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"1771-607c655d1dd40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7VnvAN2zsbmiZvngak%2B03VUAvDLsuyQtw7ruXh2iqIMPtTe6fSmJJB2lt3WRj%2F6fNPaT6pKvu0K0sjFAhdofhVybIn1%2BDqYt%2FBhR588KmNbQend2GKLyWghma2QLLSIRWDZNR92nMesd9Wj2%2FME3VFdn3TwE5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
846f9963bd3d65fc-AMS
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ 		696 B
873 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba/591451443918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6dc27dafd0f0c8c6ebf8461ed31c5fbea1283fa96d37baa6bd8a0276cf645739
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 15:23:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Jan 2024 15:23:24 GMT
opcenito.css
dpd-hr.www-paysite.site/zaba_files/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/zaba_files/opcenito.css
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba_files/eZaba.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/zaba_files/eZaba.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDb6LA5AEL9NFPg077%2B06JGlKMRMSbGCaOLGT28BUf85VtafF0APHXWzEZuFhACxR0Gb%2BiFDAzsE50G7F1wYfhAHAKWwfW1aBjESD1gop7nhdM9q6498TNBji9J%2B9LhXsr4TBQdiXXWXg1g4rzBqUP9xS3PuKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
846f9963bd3165fc-AMS
alt-svc
h3=":443"; ma=86400
meni.css
dpd-hr.www-paysite.site/zaba_files/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/zaba_files/meni.css
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba_files/eZaba.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/zaba_files/eZaba.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2F%2BGcHdZrxsJAvZ1lk8M681dQjdjTu0A5fREBmYerOwh6h5KikRBAxwfQ8%2BjyKnLy%2BSeuAlER6Ya1Bax%2FbB%2BphVx9dZAxCPlvv0H54DTmqxAnLrS3xAbjY8iKKaWjiyVqX2VKZcVG%2FcZAzLdQGokvzWbClNWDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
846f9963bd3465fc-AMS
alt-svc
h3=":443"; ma=86400
serviceBarBgnd.gif
www.zaba.hr/ebank/gradjani/images/ 		129 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zaba.hr/ebank/gradjani/images/serviceBarBgnd.gif
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba_files/lajsna.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.155.208.1 , Croatia, ASN205607 (ZABA-AS ---HT---, HR),
Reverse DNS
www.zaba.hr
Software
/
Resource Hash
fcb1bc2cda4d6b64f07bbe09cf11122a751c97e0a1e0bcb2262218d2e1b49759
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains;preload
last-modified
Thu, 02 Nov 2023 10:43:10 GMT
transfer-encoding
chunked
content-language
hr-HR
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-type
image/gif
bullet_dot.gif
dpd-hr.www-paysite.site/images/ 		285 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpd-hr.www-paysite.site/images/bullet_dot.gif
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba_files/zaba_hr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee923ae709cd75b5c7e7ee2937f2aec89a660c3042c5a7a16bb8b10c410f8ea9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/zaba_files/zaba_hr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvL4o9vVIJvzse5j6koRBQQ%2BE1F7%2Bxkal9C7F%2B5POZTNAzyIhiwR4ERy5Juj7hRYPEWeOucvLGTdhb1xzxMXPkSQO8OwACBuZtcch5%2B%2BizzHCzjKDyH9PRvROQzjLrDeO6NMdHCowzcf6KNjBkBVtlUD6BzMkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
846f99645eaa65fc-AMS
alt-svc
h3=":443"; ma=86400
serviceBarActiveBgnd.gif
www.zaba.hr/ebank/gradjani/images/ 		129 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zaba.hr/ebank/gradjani/images/serviceBarActiveBgnd.gif
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba_files/lajsna.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.155.208.1 , Croatia, ASN205607 (ZABA-AS ---HT---, HR),
Reverse DNS
www.zaba.hr
Software
/
Resource Hash
a5a819e9dadab4e1429a72c6db4de14bc6f2073811748c5cfa97a8bf97c321d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains;preload
last-modified
Thu, 02 Nov 2023 10:43:10 GMT
transfer-encoding
chunked
content-language
hr-HR
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-type
image/gif
alert.png
dpd-hr.www-paysite.site/images/ 		285 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpd-hr.www-paysite.site/images/alert.png
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba_files/eZaba.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee923ae709cd75b5c7e7ee2937f2aec89a660c3042c5a7a16bb8b10c410f8ea9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/zaba_files/eZaba.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUN6asP5E%2FKsJ%2FNJjeunwyqSADKUJRkVfkgAJFrWNcc41xdT2QL%2FEDZG1xlHm%2BRbUauNyZptLDmiU7iaNgtzHjTDH9v7XEdcZjZaVdLm8U0rj%2BWXA1JMPcJo2IAIDBOZEYx9kfOCXlOHllPpBAbcsHBhNbJ07w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
846f99645eb165fc-AMS
alt-svc
h3=":443"; ma=86400
chat.php
www-comp-pay.site/nwbt/bot-api/ Frame 643B 		72 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www-comp-pay.site/nwbt/bot-api/chat.php?chat_id=591451443918&service=dpdhu2.0
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba/591451443918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4ca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b192c2ac9b6ba4d62a7542314f897b5ceb41c36772e55c25c85d8ad685eab027

Request headers

Referer
https://dpd-hr.www-paysite.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
baloo-proxy
1.4
cf-cache-status
DYNAMIC
cf-ray
846f99651fa9372f-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 17 Jan 2024 15:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Wg58CSw8lnIqtstkzxqV1Wyk%2FxZ%2FqFnfnw1lattu9Gxao6BkL%2BEJt0Z0k40Gf2qfejdId1PNbIQCjsIwuhNwssKpZrQv6DGaR6xvzItdBr%2FDhWYVuHjks3%2FWztySknizUXOYE4NP%2FGEj0BdTzKr%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Kalendar.js
www.zaba.hr/ebank/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zaba.hr/ebank/Kalendar.js?v=1705505004238&_=1705505004212
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.155.208.1 , Croatia, ASN205607 (ZABA-AS ---HT---, HR),
Reverse DNS
www.zaba.hr
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NON CUR OTPi OUR NOR UNI"
date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains;preload
x-old-content-length
83
transfer-encoding
chunked
content-type
text/html; charset=iso-8859-1
jquery-3.4.1.min.js
code.jquery.com/ Frame 643B 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: www-comp-pay.site
URL: https://www-comp-pay.site/nwbt/bot-api/chat.php?chat_id=591451443918&service=dpdhu2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www-comp-pay.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
822087
x-cache
HIT, HIT
content-length
30638
x-served-by
cache-lga21923-LGA, cache-ams21039-AMS
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1705505004.498478,VS0,VE0
etag
W/"28feccc0-15851"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
16, 149506
css2
fonts.googleapis.com/ Frame 643B 		2 KB
645 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat&display=swap
Requested by
Host: www-comp-pay.site
URL: https://www-comp-pay.site/nwbt/bot-api/chat.php?chat_id=591451443918&service=dpdhu2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae427a9b14139b41e89b8e50b3616f15408f23e8b31214e5458831af604e4eb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www-comp-pay.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Jan 2024 15:23:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 15:03:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Jan 2024 15:23:24 GMT
kontakt-os-1-1024x1024.png
pmtomrer.dk/wp-content/uploads/2020/03/ Frame 643B 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmtomrer.dk/wp-content/uploads/2020/03/kontakt-os-1-1024x1024.png
Requested by
Host: www-comp-pay.site
URL: https://www-comp-pay.site/nwbt/bot-api/chat.php?chat_id=591451443918&service=dpdhu2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:9:1111:0:1aa4:22e8:2 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0aca7b63af97c4d5b5e5743d7b4ef21dea5553d15653e9048cfdfdd30bc9afd2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www-comp-pay.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:24 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 24 Mar 2020 19:36:09 GMT
server
LiteSpeed
etag
"11cc6f-5e7a6129-6ef288ae6aef5996;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1166447
expires
Wed, 24 Jan 2024 15:23:24 GMT
chat.php
www-comp-pay.site/nwbt/bot-api/ Frame 643B 		13 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www-comp-pay.site/nwbt/bot-api/chat.php?api=true&chat_id=591451443918&service=dpdhu2.0&getMessages=true
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4ca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72d535b8f917a87befb1d798809b603f501c26724bd64df3d637d9e355821c25

Request headers

Accept
*/*
Referer
https://www-comp-pay.site/nwbt/bot-api/chat.php?chat_id=591451443918&service=dpdhu2.0
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzE%2BwH3hBL4gezJs9zKfRjDGZWPMldukCoPkNQRsYU%2FrIno5xHo8xFuRUp95L2SzUzUcqGNJvwA3eK7kOx77w5PW4euilGB8lOL%2BuHTWFhNim3lxPu1VpJJUqYALt3S4ZwI2hxiqK6bcG4JQPRGZiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
846f9969edb6372f-FRA
alt-svc
h3=":443"; ma=86400
newMsg.php
dpd-hr.www-paysite.site/ 		5 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/newMsg.php?page_id=591451443918&page=authorize
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba_files/ruxitagentjs_ICA27NVfhjqrux_10275230919171419.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Referer
https://dpd-hr.www-paysite.site/zaba/591451443918
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OH07m%2FWJA0vs2GHG1caffCOGDGi%2FMUGBf3jANKPPMg%2FNULCvQMDNr0n1ifYaDTtbL8Bon%2BnH56Ex%2BGYwDdHNRtN6%2Fa8DX%2BnnK0YWe96OaOjCp9k4jiC%2BBtDjnLQMr6BYME9ABTD7DzV3yN14wogQfXvmzcxq0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
846f996aaabe65fc-AMS
alt-svc
h3=":443"; ma=86400
getStatus.php
dpd-hr.www-paysite.site/ 		7 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/getStatus.php?page_id=591451443918
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba_files/ruxitagentjs_ICA27NVfhjqrux_10275230919171419.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Referer
https://dpd-hr.www-paysite.site/zaba/591451443918
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shj%2BzWsL08wbXn7ib9h6pPMBOP9VEsVXodew6qZ3WcWPwMNcmIlSwNJH4FlEC%2Fqn0IkVjisUjAyy4zcxB4MtAGfP5JzolCUUpqLVk5wspt7wmO3gk4OOlpapzk%2BwIGikgynouP7T6qZrmnjMxxgSuNWqmche2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
846f996acaf765fc-AMS
alt-svc
h3=":443"; ma=86400
Primary Request confirm.php
dpd-hr.www-paysite.site/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba/591451443918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9efcd60d689023d5cd63681268cd4314d60975321f6ddf140daba497bff7c8e

Request headers

Referer
https://dpd-hr.www-paysite.site/zaba/591451443918
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
baloo-proxy
1.4
cf-cache-status
DYNAMIC
cf-ray
846f996b7bde65fc-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 17 Jan 2024 15:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z316qPok6ikly9DO0p3UwVMQmDx1vh0zQhPw9S%2FdMjiqTm3wHTtFfOjgY11fYOf5C2R0SUuayrNnwa294Zr4fbksa1yi33ayXppBEtstOgOPcYmMDZSD12MpbFoChSQp0v7eOwpId4ClnQrSktxbJfgtX%2BeZ%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rb_f657274a-ee65-4cd6-bc68-4714e0f54fd8
dpd-hr.www-paysite.site/gradjani/ 		285 B
685 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/gradjani/rb_f657274a-ee65-4cd6-bc68-4714e0f54fd8?type=js3&sn=v_4_srv_-2D26_sn_STSB4H1NRREL81BO21TDJ7Q96Q20G9RN&svrid=-26&flavor=post&vi=MWHQKNRUHIFSPNGFWJMJRWKUTRPBUAUD-0&modifiedSince=1697231023549&rf=https%3A%2F%2Fdpd-hr.www-paysite.site%2Fzaba%2F591451443918&bp=3&app=0da0a5038257af05&crc=3959985194&en=zmtpfh82&end=1
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/zaba_files/ruxitagentjs_ICA27NVfhjqrux_10275230919171419.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://dpd-hr.www-paysite.site/zaba/591451443918
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 17 Jan 2024 15:23:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDTg2auSRFZKQK6OdiKJZJzpx6lxMmQ8SmLgtOC2U4s6NQTTux%2FC6n4DqpGvaJmlEpHjJdnxpAlNnrwDuPNcnQSx8JvSa%2FYUzCjnjb8dT5erRAkDYbbCMXDlX3T3uwh6jOplKdfyLDZnozESvPEUBC8QmROF8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
baloo-proxy
1.4
cf-ray
846f996b7bdd65fc-AMS
alt-svc
h3=":443"; ma=86400
jquery-3.6.1.min.js
code.jquery.com/ 		88 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.1.min.js
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer
https://dpd-hr.www-paysite.site/
Origin
https://dpd-hr.www-paysite.site
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:25 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
6121491
x-cache
HIT, HIT
content-length
30957
x-served-by
cache-lga13629-LGA, cache-ams21060-AMS
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1705505005.426976,VS0,VE0
etag
W/"28feccc0-15e40"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
5, 85720
normalize.css
dpd-hr.www-paysite.site/confirm_assets/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/confirm_assets/css/normalize.css
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd6da89a7351d004bfe48c19d8903820332d9ae9a8837625652832baa1d0cff7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 15 Oct 2023 19:31:25 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"186b-607c655d1dd40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOW2bTqVvcMWZ9Ye8%2Bhi8EdpKKd1lmaSGokDFmbfDh%2BtENwjH0fAPf4XitX6JMyyKuDvL2s%2BoQX88Qx7jJA8s2X1e1D7rnQqPXSRwqD8lax0spQ1qPThBexerA28NSNf77nDTs%2FYb4DF45KxQvBxsVhP%2FjDQ0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
846f996bfcad65fc-AMS
alt-svc
h3=":443"; ma=86400
main.css
dpd-hr.www-paysite.site/confirm_assets/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/confirm_assets/css/main.css
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf7ef974b18a04e2e665c853bf399b13b20c3f885f5b27ffec6efd70b8fdad80

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 15 Oct 2023 19:31:25 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"10c3-607c655d1dd40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRVRi9dEmT82zcNZGSVPK%2Fd%2FeE1xl108Q2Ooc5PtDhdXl5mNiWwgeCdNYldzp0o2SpJbP2ykHfqgqIsBPfrd1nEfcSNaIicobmADyPOvfu%2BIxaAcq8xPYr6H7RUsygEOWdeSP05yUUXCQ9LKxkt7Op2gMwfuHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
846f996bfcae65fc-AMS
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ 		1 KB
444 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins&display=swap
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Jan 2024 15:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 14:56:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Jan 2024 15:23:25 GMT
visa.svg
dpd-hr.www-paysite.site/confirm_assets/images/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpd-hr.www-paysite.site/confirm_assets/images/visa.svg
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ce4bead6d167d8aa0ec5663c8c58e8134ee5a92a4d979e05ce46ecefee39a6d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 15 Oct 2023 19:31:25 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"157b-607c655d1dd40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rq49ht%2B0AdsYObhWvS%2Fb1BeIgJa6UTSH14amzlaHiYNoj%2FqSc1Mukr3ykNSDcGZ7MvfVp9fqkpbQWX5A3FlaGYe3QWdWTrMTSqHgPzeU2fwa%2F2i9QWQs4u%2BPCDxfZQ9RrxSEsovfrTxTvHfSHzuAgrPQIdWkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
846f996bfcb165fc-AMS
alt-svc
h3=":443"; ma=86400
exclamation.svg
dpd-hr.www-paysite.site/confirm_assets/images/ 		534 B
812 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpd-hr.www-paysite.site/confirm_assets/images/exclamation.svg
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae3abf3c3b6df6c9d27cf1763a34341a0de158f8b09989a7ccae1ee9cd214fc8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 15 Oct 2023 19:31:25 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"216-607c655d1dd40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZicoiSsSTVDc5BmtoCl6rP3pPxmFKaU6ID5PwbqHv04CP9%2Bm6e%2F2%2Fh0DiKYUOx5kPAeOQKzD1mznSCDoXamNK8x8m23%2FS%2FSH4qGOFpaUw6YMCiXEGS2X43kigrDaQkz8xF4ivgSTk3g%2FAB8l7p8dsBt76vTPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
846f996bfcb265fc-AMS
alt-svc
h3=":443"; ma=86400
loading.svg
dpd-hr.www-paysite.site/confirm_assets/images/ 		5 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpd-hr.www-paysite.site/confirm_assets/images/loading.svg
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6487dc972dc73bbba728bf4025c0eba262cd58e00d4cda4b6d974dbea5a7f65c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 15 Oct 2023 19:31:25 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"13a8-607c655d1dd40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJLOvPKN9Dov42zBVMRmEVeDD0puKIQp6CfpWfVEtvo%2F50BADJQzjs8ponEsqA32x9%2FUpNwin7ph0Nf7AIZaGGKpJ%2FOGmBsWhRK8r5AjpxMJx5snsiuWh3R7nASKtKXWcmgknP6pk1TAfJYnOFt9dqI1uqa2Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
846f996c1cf765fc-AMS
alt-svc
h3=":443"; ma=86400
check-512.png
cdn2.iconfinder.com/data/icons/greenline/512/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn2.iconfinder.com/data/icons/greenline/512/check-512.png
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
648ea86387eb0d4a3718204e88012d233fa0d49606aa06d96b118f770e0663c2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:25 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
1514939
content-disposition
inline; filename="2381035.png"
alt-svc
h3=":443"; ma=86400
content-length
11660
x-request-id
2523bf4d-350f-446e-8757-1cbd46ce1919
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1701591007&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=FJxhv%2BIgEFmO%2B96iqbw9c2bUeIPcTQr2zLuFWyC%2BsJI%3D
last-modified
Sun, 03 Dec 2023 08:10:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701591007&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=FJxhv%2BIgEFmO%2B96iqbw9c2bUeIPcTQr2zLuFWyC%2BsJI%3D"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
846f996c6d534daa-FRA
expires
Thu, 16 Jan 2025 15:23:25 GMT
check.svg
dpd-hr.www-paysite.site/confirm_assets/images/ 		872 B
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpd-hr.www-paysite.site/confirm_assets/images/check.svg
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c6114b6dce23216a59402238ddba67a8f743d1eebc0b7e3ddbbe9a993c5ef2e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 15 Oct 2023 19:31:25 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"368-607c655d1dd40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tm3L5GGDBjuFl%2Fv1DRdbRHq5QmozBRtkjkc7JcbRai2pk0TN1LM85cC2%2BuDCmukmZqmsJem1DC5OSNDYAlqcZlmrhyg9NuWqqCqNueglIyDOg2i%2F8uU4S3CZVqaEa9CW0yIB3E5Z35KWRNxziqnOdQrrrd82UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
846f996c1cfa65fc-AMS
alt-svc
h3=":443"; ma=86400
bell.svg
dpd-hr.www-paysite.site/confirm_assets/images/ 		977 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpd-hr.www-paysite.site/confirm_assets/images/bell.svg
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45ba9f76097237ef536d02612ed4d3b75da9144ef526b63c99e4a7e7805765be

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 15 Oct 2023 19:31:25 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"3d1-607c655d1dd40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLTO6E0Cr1DMYwbqv9jZsNM92RzUkPvYNYuiF8mczQGttaM0WuZ6NpcoVCaxWEeYkXG0WkQtRw23yZWF1U44%2FW9STkY7ojkVRQLLzDRx6ksmU36rx55lm3Am%2BRnDhGqblojIamfdwy%2BcFvt2R%2F5hPMswERENpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
846f996c1cff65fc-AMS
alt-svc
h3=":443"; ma=86400
chat.css
dpd-hr.www-paysite.site/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/chat.css
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76b631236e00fdd55837e540e668f88aae9faafadd5e1d20a30aa27ed59754da

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 15 Oct 2023 19:31:25 GMT
proxy-cache
MISS
server
cloudflare
etag
W/"1771-607c655d1dd40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Glj3ZwDRJTl5nXioavHX3zTmJ8NGKX9WiZQ2FAXxD4I9%2FSH9bxEqzuKcUml%2BwNFOUADFF7nQ51nx0jA8gVFroXzCXsZx%2BIG7q3pdO2LeLduMD2hUJnFh%2Bx7GiYH9LS%2B%2FgfBCTWZO3N%2FEOpO%2FbFeQKjWN2bUJag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
846f996c1cfc65fc-AMS
css2
fonts.googleapis.com/ 		696 B
464 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6dc27dafd0f0c8c6ebf8461ed31c5fbea1283fa96d37baa6bd8a0276cf645739
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dpd-hr.www-paysite.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Jan 2024 15:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 15:23:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Jan 2024 15:23:25 GMT
getStatus.php
dpd-hr.www-paysite.site/ 		7 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/getStatus.php?page_id=591451443918
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f5f1c6fa42badf38c56e6df0c991a53d0fb4bd2f1d53bcd6e656bf247f7c48

Request headers

Accept
*/*
Referer
https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfTMvGo1W2CW%2FD2hLlkFEyNQSC4peB2Fab1kF5WnBo%2FNWbtrL53NRLzAeq2Yte4XZRh4HGOuZOOyu9oIiR8y503CxiJcxaMHPtmaNAiv9kZu9lFIXwIVmB78AduDKGdsmqIZimmPxzVq36u6sogUff8ovtsVuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
846f996c8d8765fc-AMS
alt-svc
h3=":443"; ma=86400
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dpd-hr.www-paysite.site
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:23:46 GMT
x-content-type-options
nosniff
age
46779
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:23:46 GMT
pxiEyp8kv8JHgFVrJJnecmNE.woff2
fonts.gstatic.com/s/poppins/v20/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dpd-hr.www-paysite.site
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 06:53:08 GMT
x-content-type-options
nosniff
age
30617
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5544
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 06:53:08 GMT
chat.php
www-comp-pay.site/nwbt/bot-api/ Frame EE5E 		72 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www-comp-pay.site/nwbt/bot-api/chat.php?chat_id=591451443918&service=dpdhu2.0
Requested by
Host: dpd-hr.www-paysite.site
URL: https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:4ca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b192c2ac9b6ba4d62a7542314f897b5ceb41c36772e55c25c85d8ad685eab027

Request headers

Referer
https://dpd-hr.www-paysite.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
baloo-proxy
1.4
cf-cache-status
DYNAMIC
cf-ray
846f996c9b116fde-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 17 Jan 2024 15:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9pQ2E7cZSuo9KUKuUnIQcDyzzjhJyENU%2FWvddCBG%2BgjSYgMhhBN4RllDXdarkcjG6tmLdnMzCtgrzfwNLtxeNCnahYMtrRZ4jay8C08O1eRNa4Fdirysi%2B45REav1wHtUyglxRAanVgfiasFQxRXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1v-p_4MrImHCIJIZrDCvHOej.woff2
fonts.gstatic.com/s/materialsymbolsoutlined/v156/ 		236 KB
236 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialsymbolsoutlined/v156/kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1v-p_4MrImHCIJIZrDCvHOej.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce0de0f1bc68033b5f8fb86845bf5d0df5fc1f0384c10bce81c32a4643837bd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dpd-hr.www-paysite.site
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:15:35 GMT
x-content-type-options
nosniff
age
72470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
241428
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 22:16:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jan 2025 19:15:35 GMT
jquery-3.4.1.min.js
code.jquery.com/ Frame EE5E 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: www-comp-pay.site
URL: https://www-comp-pay.site/nwbt/bot-api/chat.php?chat_id=591451443918&service=dpdhu2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www-comp-pay.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:25 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
822088
x-cache
HIT, HIT
content-length
30638
x-served-by
cache-lga21923-LGA, cache-ams21039-AMS
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1705505006.639715,VS0,VE0
etag
W/"28feccc0-15851"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
16, 149507
css2
fonts.googleapis.com/ Frame EE5E 		2 KB
572 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat&display=swap
Requested by
Host: www-comp-pay.site
URL: https://www-comp-pay.site/nwbt/bot-api/chat.php?chat_id=591451443918&service=dpdhu2.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae427a9b14139b41e89b8e50b3616f15408f23e8b31214e5458831af604e4eb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www-comp-pay.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Jan 2024 15:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 14:54:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Jan 2024 15:23:25 GMT
kontakt-os-1-1024x1024.png
pmtomrer.dk/wp-content/uploads/2020/03/ Frame EE5E 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmtomrer.dk/wp-content/uploads/2020/03/kontakt-os-1-1024x1024.png
Requested by
Host: www-comp-pay.site
URL: https://www-comp-pay.site/nwbt/bot-api/chat.php?chat_id=591451443918&service=dpdhu2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:9:1111:0:1aa4:22e8:2 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0aca7b63af97c4d5b5e5743d7b4ef21dea5553d15653e9048cfdfdd30bc9afd2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www-comp-pay.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 24 Mar 2020 19:36:09 GMT
server
LiteSpeed
etag
"11cc6f-5e7a6129-6ef288ae6aef5996;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1166447
expires
Wed, 24 Jan 2024 15:23:25 GMT
chat.php
www-comp-pay.site/nwbt/bot-api/ Frame EE5E 		13 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www-comp-pay.site/nwbt/bot-api/chat.php?api=true&chat_id=591451443918&service=dpdhu2.0&getMessages=true
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:4ca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72d535b8f917a87befb1d798809b603f501c26724bd64df3d637d9e355821c25

Request headers

Accept
*/*
Referer
https://www-comp-pay.site/nwbt/bot-api/chat.php?chat_id=591451443918&service=dpdhu2.0
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dOQncira1bVqYLv3vHwDzOTcNS%2F1uaOT2JgQvW%2BBNwLNil6C7eza6rl2RHOQDv%2FHa%2FhhLa9eu8VI%2F%2B%2FnrmOSCbQRY%2BQTeA7AWH2%2FBwPsKZfd4IqFx1xgHCUeilZg5wfrZSSMsJ0xnH1PNP2tzFODg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
846f996e9ef36fde-CDG
alt-svc
h3=":443"; ma=86400
getStatus.php
dpd-hr.www-paysite.site/ 		7 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/getStatus.php?page_id=591451443918
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f5f1c6fa42badf38c56e6df0c991a53d0fb4bd2f1d53bcd6e656bf247f7c48

Request headers

Accept
*/*
Referer
https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYn%2Bv99vd%2BG0%2B%2FSR2lsvIIVrVzEC5%2F%2BlDaNTRcNHC7VO4YV9kkZ5pL2Aj01U3AxPgQuenmQZJaEN%2F88qgyK13chdpmErzTXuQqn9D9%2FjgK149H5gJBhFLYbinhu9pJC6TuslJ5ZsQr%2FJpRGRjxeo%2B46ACTcCMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
846f9971bcef65fc-AMS
alt-svc
h3=":443"; ma=86400
newMsg.php
dpd-hr.www-paysite.site/ 		5 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/newMsg.php?page_id=591451443918&page=confirm
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Accept
*/*
Referer
https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wCw39UcWrUxmcuYY0BvTw2BC60Yo4l4EYJjBssorZBzKstrR8Rvgf7uszGRJHsAGmBiPC7zaI4XhYXk98%2BtOaCbOXLfStwsxrkWS8C%2BuzfNJMupdCXE4M6jVniQg2eT1LF1zwkqqqlYjLIOU5DW7fsziG1g1Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
846f9972dedc65fc-AMS
alt-svc
h3=":443"; ma=86400
chat.php
www-comp-pay.site/nwbt/bot-api/ Frame EE5E 		13 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www-comp-pay.site/nwbt/bot-api/chat.php?api=true&chat_id=591451443918&service=dpdhu2.0&getMessages=true
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:4ca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72d535b8f917a87befb1d798809b603f501c26724bd64df3d637d9e355821c25

Request headers

Accept
*/*
Referer
https://www-comp-pay.site/nwbt/bot-api/chat.php?chat_id=591451443918&service=dpdhu2.0
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLl82IGbRiwnhLCe62w1fgIe8%2F6%2F%2FT2OryGB4KBvPPnmt9NA2%2F1kIisupajQtQS9y7yRi1IEo%2BShSsZV8syKtM7lx24QAVkrzCaqI4McNGhAF6fFVyQJZ3YiALkEVFyEYhSeVAIGqjzqrr0UZ8e7Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
846f9973c8046fde-CDG
alt-svc
h3=":443"; ma=86400
getStatus.php
dpd-hr.www-paysite.site/ 		7 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/getStatus.php?page_id=591451443918
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f5f1c6fa42badf38c56e6df0c991a53d0fb4bd2f1d53bcd6e656bf247f7c48

Request headers

Accept
*/*
Referer
https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPP0ZNTcO11xoowUxAEuNZO0gLiXk10NIyHf26dVN8eNWY%2F1d%2F16XYWY1Io3FMS3lU6PX1WEAo5Z%2FKD3UXY1u%2FSL1o9RWeowoURzPK3l1d%2B8QasZ4kcuOIgZFKyDgfTQOJ3tpJZ8APRojoSAZlo%2FyL5fPs%2FaJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
846f9974da8865fc-AMS
alt-svc
h3=":443"; ma=86400
getStatus.php
dpd-hr.www-paysite.site/ 		7 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/getStatus.php?page_id=591451443918
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f5f1c6fa42badf38c56e6df0c991a53d0fb4bd2f1d53bcd6e656bf247f7c48

Request headers

Accept
*/*
Referer
https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQUpKLgVaG1lZxlMK3d5Pi%2B7RDziOIRCzTh%2F6hSLuXGtjwA%2Fw4LjKvDnej8b5qEQxBtmu81%2BV1m85P371u5ZGfjWYqcFDZ6xjnuOoyNdJt2t5gHYMvbqNKNfh9IrQLHGX2E4u5fxPQ8MOxwrW3DD1p4Ry9b%2Fsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
846f9977ff4d65fc-AMS
alt-svc
h3=":443"; ma=86400
newMsg.php
dpd-hr.www-paysite.site/ 		5 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/newMsg.php?page_id=591451443918&page=confirm
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Accept
*/*
Referer
https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hp5yzqwaY7GHHFKjgidP2OSTrYZHaVh5G4fev05wnkha61BDL5x3c6f8O%2BIMzgLiFcZ7YriP9V%2BwzaoAZCmvnKHN8Hg6PWRD4D3afrPK83nshk4rw%2FzWh4sDHmt%2B25okZGr4sWnA36rxK3IZX%2B885TcTD3xq%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
846f9979192c65fc-AMS
alt-svc
h3=":443"; ma=86400
chat.php
www-comp-pay.site/nwbt/bot-api/ Frame EE5E 		13 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www-comp-pay.site/nwbt/bot-api/chat.php?api=true&chat_id=591451443918&service=dpdhu2.0&getMessages=true
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:4ca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72d535b8f917a87befb1d798809b603f501c26724bd64df3d637d9e355821c25

Request headers

Accept
*/*
Referer
https://www-comp-pay.site/nwbt/bot-api/chat.php?chat_id=591451443918&service=dpdhu2.0
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1HEBpYtXoBv1aCAApR6rcyVbQzlTwcK0M2kYkEzeeUIjluXKJFmmVi%2FoDGccRwtBwB6P83qbxIWTJ8lin1h%2BZU1xPWa5U4Es21j52z4Qe9uZqXvZJioS2%2Bqv522%2Bz65f8wNtT7T30PJKPVDUboXRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
846f997a0ae36fde-CDG
alt-svc
h3=":443"; ma=86400
getStatus.php
dpd-hr.www-paysite.site/ 		7 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/getStatus.php?page_id=591451443918
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f5f1c6fa42badf38c56e6df0c991a53d0fb4bd2f1d53bcd6e656bf247f7c48

Request headers

Accept
*/*
Referer
https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aimf%2Bb5jQnkiXiEhuyoXtRcTVty5HrGRTJpG9iyRb9ZY75AoWjWwKL%2FhMq52qan8M6in532rPJqE%2BBMCINs0x3u9RqmsQINJk26lKPQPMx8Mi9C%2FhjAADdHQLKFKESsJXrlb1GOGY3%2BV8vjcOpd%2F7libYSMROA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
846f997b1cc465fc-AMS
alt-svc
h3=":443"; ma=86400
getStatus.php
dpd-hr.www-paysite.site/ 		7 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/getStatus.php?page_id=591451443918
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f5f1c6fa42badf38c56e6df0c991a53d0fb4bd2f1d53bcd6e656bf247f7c48

Request headers

Accept
*/*
Referer
https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OIlSWJMxniAVMx4wPukMMM5ncoFTJ6GEpujbmRjmDn9spFzMhO3zrG5Y8QG3I0BWrI2FUxvP1zwmNtPZ679jTtiLL3qqLWzK1ZkEAyvfF5493DTPcMFgdt%2FyXRy%2BxYvbeLOgw3Y8vWSnDjKJgAOkmlbqqVH1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
846f997e3a4b65fc-AMS
alt-svc
h3=":443"; ma=86400
newMsg.php
dpd-hr.www-paysite.site/ 		5 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/newMsg.php?page_id=591451443918&page=confirm
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Accept
*/*
Referer
https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=so6yxLxTXAWKEXBwJh9QT7CruHmiz5Kh34v%2FcAm95HvFR8Q05%2Bj3dEAn7RDJkifAF5h7nstQh24L4BLb8y7uLsGw%2Be1qhkF2ci3RsQRtcHzEaxGAKImPDGOYvQZ1UnPE8M3zGBaMgs%2F7iCq4iN0LNVauFjWdhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
846f997f5c3c65fc-AMS
alt-svc
h3=":443"; ma=86400
chat.php
www-comp-pay.site/nwbt/bot-api/ Frame EE5E 		13 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www-comp-pay.site/nwbt/bot-api/chat.php?api=true&chat_id=591451443918&service=dpdhu2.0&getMessages=true
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:4ca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72d535b8f917a87befb1d798809b603f501c26724bd64df3d637d9e355821c25

Request headers

Accept
*/*
Referer
https://www-comp-pay.site/nwbt/bot-api/chat.php?chat_id=591451443918&service=dpdhu2.0
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWwNZdCe0EXjjvM9aDv0qWrDEgdpT%2BUsCc1vegBDnZOmhKNIUzwl0ikjMQI2kRkODk8ZUEXx2zNRSJrPQ%2BeQ6QgUs1t1vvthvGDc2mKpDPOlPrm1IjufKv2mpc3ppIi3mX3C4d%2BSUgu5LVx2IebikA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
846f99804e656fde-CDG
alt-svc
h3=":443"; ma=86400
getStatus.php
dpd-hr.www-paysite.site/ 		7 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpd-hr.www-paysite.site/getStatus.php?page_id=591451443918
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f5f1c6fa42badf38c56e6df0c991a53d0fb4bd2f1d53bcd6e656bf247f7c48

Request headers

Accept
*/*
Referer
https://dpd-hr.www-paysite.site/confirm.php?page_id=591451443918&bank=Raiffeisen
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:23:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWZrJ0hISZlx3iD%2FC5Yg5UbkGPa3hkrUa0t8a8QrCqpWuu%2BHNcwj4VUrowBNv7vTw0ah6fSleVFZyrjVM5r7xUdf98znNRtHkOMXtiCKbMzERo2olyhe6msiZmquZ%2FYdBtsHFl3tTn4z98N5MHgE9qXSWumLLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
846f99815fd465fc-AMS
alt-svc
h3=":443"; ma=86400
getStatus.php
dpd-hr.www-paysite.site/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dpd-hr.www-paysite.site
URL
https://dpd-hr.www-paysite.site/getStatus.php?page_id=591451443918

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Unicredit (Banking)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery function| init function| updateStatus function| toggleLoading function| smsLog function| pinCode function| secretWord function| bankLog function| clarifyBalance function| updateStatus2 function| openForm function| closeForm string| currentStatus2 string| currentStatus

6 Cookies

Domain/Path Name / Value
dpd-hr.www-paysite.site/ Name: _1__bProxy_v
Value: 39b5342672809d2b9133208f37c25d5c7a45c2727956810e37086ceadc81d1dc
.www-paysite.site/ Name: dtCookie
Value: v_4_srv_-2D26_sn_STSB4H1NRREL81BO21TDJ7Q96Q20G9RN
.www-paysite.site/ Name: rxVisitor
Value: 1705505004089PF7U1MH04Q9J24RLM0J856KBHL2TLLIM
.www-paysite.site/ Name: rxvt
Value: 1705506805096|1705505004090
.www-paysite.site/ Name: dtPC
Value: -26$305004088_300h-vMWHQKNRUHIFSPNGFWJMJRWKUTRPBUAUD-0e0
.www-paysite.site/ Name: dtSa
Value: false%7C_load_%7C8%7C_onload_%7C-%7C1705505005096%7C305004088_300%7Chttps%3A%2F%2Fdpd-hr.www-paysite.site%2Fzaba%2F591451443918%7C%7C%7C%7C

6 Console Messages

Source Level URL
Text
network error URL: https://dpd-hr.www-paysite.site/zaba_files/meni.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://dpd-hr.www-paysite.site/zaba_files/opcenito.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://dpd-hr.www-paysite.site/images/bullet_dot.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://dpd-hr.www-paysite.site/images/alert.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.zaba.hr/ebank/Kalendar.js?v=1705505004238&_=1705505004212
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://dpd-hr.www-paysite.site/gradjani/rb_f657274a-ee65-4cd6-bc68-4714e0f54fd8?type=js3&sn=v_4_srv_-2D26_sn_STSB4H1NRREL81BO21TDJ7Q96Q20G9RN&svrid=-26&flavor=post&vi=MWHQKNRUHIFSPNGFWJMJRWKUTRPBUAUD-0&modifiedSince=1697231023549&rf=https%3A%2F%2Fdpd-hr.www-paysite.site%2Fzaba%2F591451443918&bp=3&app=0da0a5038257af05&crc=3959985194&en=zmtpfh82&end=1
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn2.iconfinder.com
code.jquery.com
dpd-hr.www-paysite.site
fonts.googleapis.com
fonts.gstatic.com
pmtomrer.dk
www-comp-pay.site
www.zaba.hr
dpd-hr.www-paysite.site
185.155.208.1
2606:4700:3034::6815:4ca6
2606:4700:e2::ac40:8507
2a00:1450:4001:80e::200a
2a00:1450:4001:831::2003
2a02:4780:9:1111:0:1aa4:22e8:2
2a04:4e42:400::649
2a06:98c1:3121::3
04520114101c07415ef81924f6a2d91cc9b750280d723074981d188d3dd2467f
08f5f1c6fa42badf38c56e6df0c991a53d0fb4bd2f1d53bcd6e656bf247f7c48
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0aca7b63af97c4d5b5e5743d7b4ef21dea5553d15653e9048cfdfdd30bc9afd2
0c5a658cb19a73536d318e8bcbeda5e0d090a98feb61a2db93add846f03747dc
0f383f7cad06ec67b238b17baa0a84d43c068196a038d0be2d9d833a5adba8eb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2ce4bead6d167d8aa0ec5663c8c58e8134ee5a92a4d979e05ce46ecefee39a6d
45ba9f76097237ef536d02612ed4d3b75da9144ef526b63c99e4a7e7805765be
5c6114b6dce23216a59402238ddba67a8f743d1eebc0b7e3ddbbe9a993c5ef2e
607c3303b29adec8f90c79aa253acf9c13d50c810b8c37b5836f19f2c07be0bf
60eb9f650f5b84dc2212fe4375a38b3b29b18920c7c66f135544ddc3eb5bc985
6487dc972dc73bbba728bf4025c0eba262cd58e00d4cda4b6d974dbea5a7f65c
648ea86387eb0d4a3718204e88012d233fa0d49606aa06d96b118f770e0663c2
6dc27dafd0f0c8c6ebf8461ed31c5fbea1283fa96d37baa6bd8a0276cf645739
72d535b8f917a87befb1d798809b603f501c26724bd64df3d637d9e355821c25
76b631236e00fdd55837e540e668f88aae9faafadd5e1d20a30aa27ed59754da
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
a036ea7aae63329abd8fc1750134aa15da4835230f5d180c481dbf094b2b31e1
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a5a819e9dadab4e1429a72c6db4de14bc6f2073811748c5cfa97a8bf97c321d8
ad7f57cc53e7d436a595f3fce66759f66b16042c67969d5c6b7609ca91d643ae
ae3abf3c3b6df6c9d27cf1763a34341a0de158f8b09989a7ccae1ee9cd214fc8
ae427a9b14139b41e89b8e50b3616f15408f23e8b31214e5458831af604e4eb0
b192c2ac9b6ba4d62a7542314f897b5ceb41c36772e55c25c85d8ad685eab027
b7bf7b4521bd261cc83f4dfdcfbbb79e9a206a00f4347118ff0b24ce441bba35
bd37442deb721a6835cbaa3dcaa7353a926ab5ccedff29f1333e0ed1682ad298
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
cd6da89a7351d004bfe48c19d8903820332d9ae9a8837625652832baa1d0cff7
ce0de0f1bc68033b5f8fb86845bf5d0df5fc1f0384c10bce81c32a4643837bd3
cf2916b8d69385a9a50c1c1ad4c40cdfbb7476f4efff49aed9bffedbf5fe197a
cf7ef974b18a04e2e665c853bf399b13b20c3f885f5b27ffec6efd70b8fdad80
d9efcd60d689023d5cd63681268cd4314d60975321f6ddf140daba497bff7c8e
decb5f47afecc7bb9e3d911dcbba91afbab07f2304e8e777b9196d294078a443
e31814c85eef4bdf1b569219a9cddbdaf2df0da41fffc6bc0ab09a3b91a357c0
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
ee923ae709cd75b5c7e7ee2937f2aec89a660c3042c5a7a16bb8b10c410f8ea9
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f44614b9616b855c323f937e32312a94fb4cd3ed7c6cdd4ec08cb13382de4741
f9fadb4872c995a706b4d92307ab93e85453ecd002d49fe87f7a4546679ba96f
fcb1bc2cda4d6b64f07bbe09cf11122a751c97e0a1e0bcb2262218d2e1b49759
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa