safepay-eldorado.dashboard-static.website Open in urlscan Pro
2606:4700:3030::6815:54c0 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://safepay-eldorado.dashboard-static.website/payment/pay/?unique_id=35533565&uid=999105244
Effective URL:
https://safepay-eldorado.dashboard-static.website/payment/pay?unique_id=35533565&uid=999105244
Submission: On December 08 via manual (December 8th 2023, 2:50:14 am UTC) from IN — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3030::6815:54c0, located in United States and belongs to CLOUDFLARENET, US. The main domain is safepay-eldorado.dashboard-static.website.
TLS certificate: Issued by E1 on December 5th 2023. Valid for: 3 months.

This is the only time safepay-eldorado.dashboard-static.website was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Visa (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::ac43:c438	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:303... 2606:4700:3030::6815:54c0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2606:50c0:800... 2606:50c0:8003::154	54113 (FASTLY) (FASTLY)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	3.123.53.82 3.123.53.82	16509 (AMAZON-02) (AMAZON-02)
24	11

1 2606:4700:3031::ac43:c438 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

safepay-eldorado.dashboard-static.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:54c0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

safepay-eldorado.dashboard-static.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:50c0:8003::154 (United States)

ASN54113 (FASTLY, US)

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

www.smartsuppchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-v3.smartsuppcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
translations.smartsuppcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.53.82 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-53-82.eu-central-1.compute.amazonaws.com

bootstrap.smartsuppchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	gstatic.com fonts.gstatic.com	80 KB
5	smartsuppcdn.com widget-v3.smartsuppcdn.com — Cisco Umbrella Rank: 55204 translations.smartsuppcdn.com — Cisco Umbrella Rank: 56855	96 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	44 KB
3	githubusercontent.com raw.githubusercontent.com — Cisco Umbrella Rank: 4597	39 KB
3	dashboard-static.website 2 redirects safepay-eldorado.dashboard-static.website	50 KB
2	smartsuppchat.com www.smartsuppchat.com — Cisco Umbrella Rank: 52787 bootstrap.smartsuppchat.com — Cisco Umbrella Rank: 46815	7 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 857	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	31 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	30 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
24	10

	Domain	Requested by
6	fonts.gstatic.com	fonts.googleapis.com
4	widget-v3.smartsuppcdn.com	www.smartsuppchat.com
3	cdn.jsdelivr.net	safepay-eldorado.dashboard-static.website
3	raw.githubusercontent.com	safepay-eldorado.dashboard-static.website
3	safepay-eldorado.dashboard-static.website	2 redirects
1	translations.smartsuppcdn.com	widget-v3.smartsuppcdn.com
1	bootstrap.smartsuppchat.com	www.smartsuppchat.com
1	www.smartsuppchat.com	safepay-eldorado.dashboard-static.website
1	unpkg.com	safepay-eldorado.dashboard-static.website
1	cdnjs.cloudflare.com	safepay-eldorado.dashboard-static.website
1	code.jquery.com	safepay-eldorado.dashboard-static.website
1	fonts.googleapis.com	client
24	12

This site contains no links.

Subject Issuer	Validity	Valid
dashboard-static.website E1	`2023-12-05` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.smartsuppchat.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-11-30` - `2023-12-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.smartsuppcdn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-10-23` - `2024-11-16`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://safepay-eldorado.dashboard-static.website/payment/pay?unique_id=35533565&uid=999105244
Frame ID: EA1C0DD761CA00D30C2535F3FFA72062
Requests: 21 HTTP requests in this frame

Frame: https://widget-v3.smartsuppcdn.com/assets/main-66ba07db.js
Frame ID: 7C1D195E2C36489EBAEE758651FAB755
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Платежная форма

Page URL History Show full URLs

http://safepay-eldorado.dashboard-static.website/payment/pay/?unique_id=35533565&uid=999105244 HTTP 301
https://safepay-eldorado.dashboard-static.website/payment/pay/?unique_id=35533565&uid=999105244 HTTP 307
https://safepay-eldorado.dashboard-static.website/payment/pay?unique_id=35533565&uid=999105244 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js
/npm/sweetalert2@([\d.]+)
sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

24
Requests

100 %
HTTPS

91 %
IPv6

10
Domains

12
Subdomains

11
IPs

2
Countries

379 kB
Transfer

835 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://safepay-eldorado.dashboard-static.website/payment/pay/?unique_id=35533565&uid=999105244 HTTP 301
https://safepay-eldorado.dashboard-static.website/payment/pay/?unique_id=35533565&uid=999105244 HTTP 307
https://safepay-eldorado.dashboard-static.website/payment/pay?unique_id=35533565&uid=999105244 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request pay Show response
safepay-eldorado.dashboard-static.website/payment/
Redirect Chain

http://safepay-eldorado.dashboard-static.website/payment/pay/?unique_id=35533565&uid=999105244
https://safepay-eldorado.dashboard-static.website/payment/pay/?unique_id=35533565&uid=999105244
https://safepay-eldorado.dashboard-static.website/payment/pay?unique_id=35533565&uid=999105244

48 KB
49 KB

55ms
54ms

Document
text/html

2606:4700:3030::6815:54c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safepay-eldorado.dashboard-static.website/payment/pay?unique_id=35533565&uid=999105244
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:54c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 720b1b067614fb7463868641bb38ed50c364142ab2b3b1c2e66160f1fe860df6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8321b3044eec367d-FRA
content-length: 49465
date: Fri, 08 Dec 2023 02:50:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDbkEtAh2ApV8UzNeCTKMjojhVIu8UyA9aEE4RV6JmQGS3LXOJws%2FA1wH0uQSeFWucRNLXC4GvpndUKGR9OggGmM8Gnvy7gYtoY9kALaaDHkCwMUbySzy5ioMLj0dmVT6Kl0vLBWL7OS1%2BoCxcfIbP6MF3NbeSZY%2Fx%2F4R0c2SSp3%2F%2F0pxhsI9A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8321b303ee9b367d-FRA
content-length: 0
date: Fri, 08 Dec 2023 02:50:09 GMT
location: https://safepay-eldorado.dashboard-static.website/payment/pay?unique_id=35533565&uid=999105244
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x03Klkp6msE2FCwSNDOa5gFyRZwZrtfznq5xv%2FFXKaIRI0%2F8ZoXtk%2FYIuv7kriQbJ1Qfc8FWegOcQxagKkqN2sCrQlXIPP8FpuPnIxMdi2uPik5%2BNXSKSjTXo%2Be%2B24jc%2FAdMjjbiHWecWxs0ZE%2FtmVF8Igex6xRHDQvpgfwiuyEgK0Q3MHTKiA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 79ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8172166dbe776ffa12da60505a6324a609efce59a5eff460b7b9d579e2db30b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safepay-eldorado.dashboard-static.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Dec 2023 02:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 02:50:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Dec 2023 02:50:10 GMT

GET
H2 200 chip.png
raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/ 16 KB
17 KB 76ms
28ms Image
image/png 2606:50c0:8003::154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/chip.png

Requested by

Host: safepay-eldorado.dashboard-static.website
URL: https://safepay-eldorado.dashboard-static.website/payment/pay?unique_id=35533565&uid=999105244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

612d3c3f8efad0b9073b164950a2c3b5ed6d73e214fe539e6c21b4f18fed0ad8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safepay-eldorado.dashboard-static.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: d90ed8ad58058f1afae1d322d0ad34d086540914
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 08 Dec 2023 02:50:10 GMT
via: 1.1 varnish
x-cache-hits: 1
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16470
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230090-FRA
x-github-request-id: 4540:CD0A:1156520:121BD3D:656804BE
x-timer: S1702003810.085739,VS0,VE7
etag: W/"0eef0729fb842b647b8e55e6077eb705bfff46d0f861a866fe759566cb54d035"
source-age: 157
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Fri, 08 Dec 2023 02:55:10 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 81ms
22ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: safepay-eldorado.dashboard-static.website
URL: https://safepay-eldorado.dashboard-static.website/payment/pay?unique_id=35533565&uid=999105244
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safepay-eldorado.dashboard-static.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:50:10 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1401193
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-fra-eddf8230094-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1702003810.096440,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 4, 1301026

GET
H2 200 vue.min.js Show response
cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/ 91 KB
31 KB 76ms
32ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js

Requested by

Host: safepay-eldorado.dashboard-static.website
URL: https://safepay-eldorado.dashboard-static.website/payment/pay?unique_id=35533565&uid=999105244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safepay-eldorado.dashboard-static.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:50:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3280716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30769
last-modified: Mon, 04 May 2020 16:17:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0402c-16deb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jc8ODhHKBsw4HClqvh075MrRAXytWp5vFhWwMHV5A0FTp61mHgwn6ueL0bbl6ztkNu0921fDGsbF9y5rlyI5vmuoosPoei0%2FLEvKrFn3FJkyvZHdAdaXponQvn3cRnVR2tyIIv5gNSF6qYPzDDzKyMx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8321b3057e1f9b58-FRA
expires: Wed, 27 Nov 2024 02:50:10 GMT

GET
H2 200 vue-the-mask.js Show response
unpkg.com/vue-the-mask@0.11.1/dist/ 5 KB
2 KB 74ms
30ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/vue-the-mask@0.11.1/dist/vue-the-mask.js

Requested by

Host: safepay-eldorado.dashboard-static.website
URL: https://safepay-eldorado.dashboard-static.website/payment/pay?unique_id=35533565&uid=999105244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ef6dd0c1dbd61b792f7791c989d68b3939263c502269643f8e96c28f7e49a15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safepay-eldorado.dashboard-static.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:50:10 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2550871
last-modified: Tue, 10 Oct 2017 17:43:56 GMT
fly-request-id: 01HEQMKTEREXDRR9WCM755PZ4G-fra
server: cloudflare
etag: W/"1281-ojkEKEJwDFSwzNnN7s8unltOATY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8321b30579ce1e10-FRA

GET
H2 200 sweetalert2@11 Show response
cdn.jsdelivr.net/npm/ 75 KB
21 KB 75ms
31ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11

Requested by

Host: safepay-eldorado.dashboard-static.website
URL: https://safepay-eldorado.dashboard-static.website/payment/pay?unique_id=35533565&uid=999105244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ee140344701f1acb771ba8fbf2e2a199087ab4acf05fd50e757826cf597704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safepay-eldorado.dashboard-static.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:50:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 41764
x-jsd-version: 11.10.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230038-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"12b3b-RimU/Qj1uZajKjz3B6Mu8E+LzVU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6Ma6NplWO44KL3VVWkyvajsQxzaAfDty92wSraRm2kRTmkaFJxOG8d2JZF59eKJLTgorO27q4DaHOWKqeFD7fy5eJ0P1Lfep7H1VTyM%2Bx%2BIVf77Il2doa3jadM8o1jnCImVmJZq4Aju3pEhAjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8321b30579305c92-FRA

GET
H2 200 sweetalert2.min.css
cdn.jsdelivr.net/npm/sweetalert2@11.0.19/dist/ 22 KB
5 KB 71ms
28ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11.0.19/dist/sweetalert2.min.css

Requested by

Host: safepay-eldorado.dashboard-static.website
URL: https://safepay-eldorado.dashboard-static.website/payment/pay?unique_id=35533565&uid=999105244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d72cb0de5c93e3e62436666a8de967106e7b0c9efa06372a1413298009f98f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safepay-eldorado.dashboard-static.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:50:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 780370
x-jsd-version: 11.0.19
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230124-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"588a-ehS0YvlYd3gUelwchCCVCOFcIas"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrSN%2Ft41Qy2qNEZUhdG3%2B8RbuIm8Hwdw8J7EMpIt347lN6MbTmq8gPrPfxchxJxqkvVesLaeq1SePvr1kzgxiYlSxxMaz6mANhm8mMU%2BG00s6gCU7FhCf%2BE%2BpdQUSZlLJobuiIoiVthOvr6R4rU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8321b305792f5c92-FRA

GET
H2 200 sweetalert2.all.min.js Show response
cdn.jsdelivr.net/npm/sweetalert2@11.0.19/dist/ 63 KB
18 KB 72ms
29ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11.0.19/dist/sweetalert2.all.min.js

Requested by

Host: safepay-eldorado.dashboard-static.website
URL: https://safepay-eldorado.dashboard-static.website/payment/pay?unique_id=35533565&uid=999105244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8811d8c90f438dec06d74298bb375081719cb602a40da325972cc4f27bc41b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safepay-eldorado.dashboard-static.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:50:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 770075
x-jsd-version: 11.0.19
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230078-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"fa2e-HV0g5f4dJ6DqsUeCErN00mwkKtc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObvKJGBmeFanirHud4nmNyL%2BSoDy%2BLdxFG1F%2FVslsCbloOSWRt%2F2aKgoAyzhZUXadrBwmTVBqwiOS6lJ0edO%2B4VWYlq6c%2F68YfJ%2BXYBHhN1b4%2BLgqkCHw2oCHDlbtAq5B%2FgZ42YY2yqf8ra5zzI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8321b30579315c92-FRA

GET
H2 200 loader.js Show response
www.smartsuppchat.com/ 19 KB
6 KB 79ms
20ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.smartsuppchat.com/loader.js?
Requested by: Host: safepay-eldorado.dashboard-static.website
URL: https://safepay-eldorado.dashboard-static.website/payment/pay?unique_id=35533565&uid=999105244
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9bbb282d74807066b2cdaa827f756fc68c66fabc881bcfa7c2696612d384c25d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safepay-eldorado.dashboard-static.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 08 Dec 2023 02:50:10 GMT
content-encoding: gzip
x-age-lb: 5
x-77-cache: HIT
x-accel-date: 1702003805
x-77-nzt: ApySIYs3Nzf/BQAAANRmOAk3Nzf/AAAAAA
x-accel-expires: @1702003865
x-77-age: 5
x-cache-lb: HIT
last-modified: Mon, 06 Nov 2023 07:18:56 GMT
server: CDN77-Turbo
etag: W/"65489360-4cc5"
x-77-nzt-ray: cf878727a487d54462847265d9bbee09
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300, public, s-maxage=60
expires: Mon, 06 Nov 2023 07:26:14 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 111ms
62ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://safepay-eldorado.dashboard-static.website
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:16:21 GMT
x-content-type-options: nosniff
age: 27229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 19:16:21 GMT

GET
DATA 200
OK truncated
/ 426 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d00c6f0cc689179cfc4dab54f10163635df53e0472ec87fb40790a74f4dbce2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 HI_SiYsKILxRpg3hIP6sJ7fM7PqlOevWjMY.woff2
fonts.gstatic.com/s/sourcecodepro/v23/ 14 KB
14 KB 75ms
26ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlOevWjMY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9204ea7545271658de22859c8d6706a10ed878577d2bfec5e077ba702e2789e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://safepay-eldorado.dashboard-static.website
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 00:48:01 GMT
x-content-type-options: nosniff
age: 93729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13872
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:53:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 00:48:01 GMT

GET
H2 200 HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
fonts.gstatic.com/s/sourcecodepro/v23/ 21 KB
21 KB 101ms
53ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcecodepro/v23/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

539bdb4bd9bb71c694451bbf2d5d7c0b2849e3584f0b50be3588a07605d3337f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://safepay-eldorado.dashboard-static.website
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:39:35 GMT
x-content-type-options: nosniff
age: 555035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21528
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:21:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:39:35 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 8 KB
8 KB 89ms
40ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a775d512b714a32d68031e6553e4afadfa75617b30c5f98ed08efde1b21e6b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://safepay-eldorado.dashboard-static.website
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:04:46 GMT
x-content-type-options: nosniff
age: 107124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7860
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 21:04:46 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 8 KB
8 KB 71ms
23ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73c9d2639ee4ecc555040bb05de136847ae936b885925b56972549ccfe16a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://safepay-eldorado.dashboard-static.website
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:09:58 GMT
x-content-type-options: nosniff
age: 488412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7972
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 11:09:58 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 94ms
46ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://safepay-eldorado.dashboard-static.website
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:07:21 GMT
x-content-type-options: nosniff
age: 27769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 19:07:21 GMT

GET
H2 200 14.jpeg
raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/ 16 KB
16 KB 176ms
176ms Image
image/jpeg 2606:50c0:8003::154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/14.jpeg

Requested by

Host: safepay-eldorado.dashboard-static.website
URL: https://safepay-eldorado.dashboard-static.website/payment/pay?unique_id=35533565&uid=999105244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d613a336c3fc8cb9c71b835627b19d1772c8347b7633f43de97351d31ecc65bf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safepay-eldorado.dashboard-static.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: c30708fb780610fe4adf91f021b9c1838a0a1b35
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 08 Dec 2023 02:50:10 GMT
via: 1.1 varnish
x-cache-hits: 1
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16259
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230090-FRA
x-github-request-id: BAF8:4F81B:BA35D:C8362:657280B2
x-timer: S1702003810.224841,VS0,VE154
etag: W/"6246421675b2f2e0609440ae82af6ecc2f179f0a319481280d49bd56126b62ee"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Fri, 08 Dec 2023 02:55:10 GMT

GET
H2 200 visa.png
raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/ 6 KB
6 KB 22ms
22ms Image
image/png 2606:50c0:8003::154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/visa.png

Requested by

Host: safepay-eldorado.dashboard-static.website
URL: https://safepay-eldorado.dashboard-static.website/payment/pay?unique_id=35533565&uid=999105244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1a9548347c9b338b3168bc5eb94c8206490a3462efc3c674632e9e9236785d54

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safepay-eldorado.dashboard-static.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id: 48b9739fe7b8bd280b71c15d207ec2f5e9bd08ee
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 08 Dec 2023 02:50:10 GMT
via: 1.1 varnish
x-cache-hits: 1
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5927
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230090-FRA
x-github-request-id: A00A:1A9F:B3F003:BBE6E8:654AC6D7
x-timer: S1702003810.224764,VS0,VE1
etag: W/"a85601928a11d6b5e6b530a1393acefc80f47d2fe589cadd27da82060323bd15"
source-age: 103
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Fri, 08 Dec 2023 02:55:10 GMT

GET
H2 200 a047107d1c2f593e4ec8250abadeb2df0151c995.json Show response
bootstrap.smartsuppchat.com/widget/ 2 KB
850 B 90ms
30ms XHR
application/json 3.123.53.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bootstrap.smartsuppchat.com/widget/a047107d1c2f593e4ec8250abadeb2df0151c995.json
Requested by: Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.123.53.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-53-82.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 600e2fc2cd87273fa29ea1420b8e14ba548d54fbcd66cfd7660aa2d17257eb2c

Request headers

Referer: https://safepay-eldorado.dashboard-static.website/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 12a8de05a04cea7bc5299437c285bc9c16fa8c7b
date: Fri, 08 Dec 2023 02:50:10 GMT
content-encoding: br
x-hit: redis
etag: "61b-+dlflE72KkFtUgVEt4/pi+w863Y"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0, must-revalidate

GET
H2 200 manifest.json Show response
widget-v3.smartsuppcdn.com/ 2 KB
831 B 81ms
20ms XHR
application/json 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v3.smartsuppcdn.com/manifest.json
Requested by: Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0226134051377933a7323d412828dcabb77107a276210cf3d95866495748d402

Request headers

Referer: https://safepay-eldorado.dashboard-static.website/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

x-77-pop: frankfurtDE
date: Fri, 08 Dec 2023 02:50:10 GMT
content-encoding: gzip
x-age-lb: 43
x-77-cache: HIT
x-accel-date: 1702003767
x-77-nzt: ApySIYs3Nzf/KwAAANRmOAk3Nzf/AAAAAA
x-accel-expires: @1702003825
x-77-age: 43
x-cache-lb: HIT
last-modified: Wed, 22 Nov 2023 07:40:29 GMT
server: CDN77-Turbo
etag: W/"655db06d-626"
x-77-nzt-ray: cf8787271c8cf84762847265ef7a4d18
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300, public, s-maxage=60
expires: Wed, 22 Nov 2023 09:42:54 GMT

GET
H2 200 main-66ba07db.js Show response
widget-v3.smartsuppcdn.com/assets/ Frame 7C1D 92 KB
33 KB 29ms
28ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v3.smartsuppcdn.com/assets/main-66ba07db.js
Requested by: Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6900930f6f1ea7022dd390b4b3f9a5ebbeb2c58985de87a4df628fa8c8eeda7c

Request headers

Referer
Origin: https://safepay-eldorado.dashboard-static.website
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 08 Dec 2023 02:50:10 GMT
content-encoding: gzip
x-age-lb: 1357936
x-77-cache: HIT
x-accel-date: 1700645874
x-77-nzt: EgwBnJIhiwH3cLgUAAwB1GY4nAH3AAAAAA
x-accel-expires: @1732181874
x-77-age: 1357936
x-cache-lb: HIT
last-modified: Wed, 22 Nov 2023 07:40:29 GMT
server: CDN77-Turbo
etag: W/"655db06d-171e1"
x-77-nzt-ray: cf8787271c8cf847628472653705a019
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
expires: Thu, 21 Nov 2024 09:37:54 GMT

GET
H2 200 vendor-886017d2.js Show response
widget-v3.smartsuppcdn.com/assets/ Frame 7C1D 157 KB
52 KB 56ms
56ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v3.smartsuppcdn.com/assets/vendor-886017d2.js
Requested by: Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0621283c4789e9f7153c34dd69776c34fa32f1a118c342e67ede61d8d871e607

Request headers

Referer
Origin: https://safepay-eldorado.dashboard-static.website
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 08 Dec 2023 02:50:10 GMT
content-encoding: gzip
x-age-lb: 2751881
x-77-cache: HIT
x-accel-date: 1699251929
x-77-nzt: ApySIYs3Nzf/if0pANRmOJw3Nzf/AQAAAA
x-accel-expires: @1730787928
x-77-age: 2751882
x-cache-lb: HIT
last-modified: Mon, 06 Nov 2023 05:38:10 GMT
server: CDN77-Turbo
etag: W/"65487bc2-27246"
x-77-nzt-ray: cf8787271c8cf8476284726533feaa19
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
expires: Tue, 05 Nov 2024 06:25:28 GMT

GET
H2 200 style-a2eb889b.css
widget-v3.smartsuppcdn.com/assets/ Frame 7C1D 31 KB
7 KB 48ms
48ms Stylesheet
text/css 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v3.smartsuppcdn.com/assets/style-a2eb889b.css
Requested by: Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7751fce329ce3b7e36810cef31e7c56377edc83fc28844c85e92c5048756a98a

Request headers

Referer
Origin: https://safepay-eldorado.dashboard-static.website
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 08 Dec 2023 02:50:10 GMT
content-encoding: gzip
x-age-lb: 1357936
x-77-cache: HIT
x-accel-date: 1700645874
x-77-nzt: ApySIYs3Nzf/cLgUACUTwig3Nzf/AAAAAA
x-accel-expires: @1732181874
x-77-age: 1357936
x-cache-lb: HIT
last-modified: Wed, 22 Nov 2023 07:40:29 GMT
server: CDN77-Turbo
etag: W/"655db06d-7ca4"
x-77-nzt-ray: cf8787271c8cf8476284726537d5a619
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
expires: Thu, 21 Nov 2024 09:37:54 GMT

GET
H2 200 defaults Show response
translations.smartsuppcdn.com/api/v1/widget/translations/lang/ru/ Frame 7C1D 7 KB
3 KB 37ms
20ms Fetch
application/json 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://translations.smartsuppcdn.com/api/v1/widget/translations/lang/ru/defaults
Requested by: Host: widget-v3.smartsuppcdn.com
URL: https://widget-v3.smartsuppcdn.com/assets/vendor-886017d2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7a46dc942e3728493c41ff23f928535d3fc61cc7b29b4c7be4670ad3af3bbcf6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-77-pop: frankfurtDE
x-version: 0a7a96369901bb34c8cf45039c3f0019bf65ff25
date: Fri, 08 Dec 2023 02:50:10 GMT
content-encoding: gzip
x-age-lb: 61
x-77-cache: HIT
x-accel-date: 1702003749
x-response-time: 1ms
x-77-nzt: EgwBnJIhiwH3PQAAAAwB1GY4mQG2WwIAAA
x-accel-expires: @1702004349
x-cache-lb: HIT
x-77-age: 664
server: CDN77-Turbo
x-77-nzt-ray: cf8787271c8cf84762847265e25b3820
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Visa (Financial)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			safepay-eldorado.dashboard-static.website/	1970-01-20 16:56:48	Name: ref Value: 999105244
			safepay-eldorado.dashboard-static.website/	1970-01-20 16:56:48	Name: unique_id Value: 35533565

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bootstrap.smartsuppchat.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
raw.githubusercontent.com
safepay-eldorado.dashboard-static.website
translations.smartsuppcdn.com
unpkg.com
widget-v3.smartsuppcdn.com
www.smartsuppchat.com
2606:4700:3030::6815:54c0
2606:4700:3031::ac43:c438
2606:4700::6810:5714
2606:4700::6810:7caf
2606:4700::6811:180e
2606:50c0:8003::154
2a00:1450:4001:813::2003
2a00:1450:4001:82a::200a
2a02:6ea0:c700::18
2a04:4e42:200::649
3.123.53.82
0226134051377933a7323d412828dcabb77107a276210cf3d95866495748d402
0621283c4789e9f7153c34dd69776c34fa32f1a118c342e67ede61d8d871e607
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
1a9548347c9b338b3168bc5eb94c8206490a3462efc3c674632e9e9236785d54
1d00c6f0cc689179cfc4dab54f10163635df53e0472ec87fb40790a74f4dbce2
2a775d512b714a32d68031e6553e4afadfa75617b30c5f98ed08efde1b21e6b5
539bdb4bd9bb71c694451bbf2d5d7c0b2849e3584f0b50be3588a07605d3337f
600e2fc2cd87273fa29ea1420b8e14ba548d54fbcd66cfd7660aa2d17257eb2c
612d3c3f8efad0b9073b164950a2c3b5ed6d73e214fe539e6c21b4f18fed0ad8
6900930f6f1ea7022dd390b4b3f9a5ebbeb2c58985de87a4df628fa8c8eeda7c
720b1b067614fb7463868641bb38ed50c364142ab2b3b1c2e66160f1fe860df6
72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26
7751fce329ce3b7e36810cef31e7c56377edc83fc28844c85e92c5048756a98a
7a46dc942e3728493c41ff23f928535d3fc61cc7b29b4c7be4670ad3af3bbcf6
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
9bbb282d74807066b2cdaa827f756fc68c66fabc881bcfa7c2696612d384c25d
9ef6dd0c1dbd61b792f7791c989d68b3939263c502269643f8e96c28f7e49a15
a8811d8c90f438dec06d74298bb375081719cb602a40da325972cc4f27bc41b7
a9204ea7545271658de22859c8d6706a10ed878577d2bfec5e077ba702e2789e
b5d72cb0de5c93e3e62436666a8de967106e7b0c9efa06372a1413298009f98f
b8172166dbe776ffa12da60505a6324a609efce59a5eff460b7b9d579e2db30b
c73c9d2639ee4ecc555040bb05de136847ae936b885925b56972549ccfe16a97
d613a336c3fc8cb9c71b835627b19d1772c8347b7633f43de97351d31ecc65bf
e7ee140344701f1acb771ba8fbf2e2a199087ab4acf05fd50e757826cf597704
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

safepay-eldorado.dashboard-static.website Open in urlscan Pro 2606:4700:3030::6815:54c0 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

91 %IPv6

10 Domains

12 Subdomains

11 IPs

2 Countries

379 kBTransfer

835 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

19 JavaScript Global Variables

2 Cookies

Indicators

safepay-eldorado.dashboard-static.website Open in urlscan Pro
2606:4700:3030::6815:54c0 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

91 %
IPv6

10
Domains

12
Subdomains

11
IPs

2
Countries

379 kB
Transfer

835 kB
Size

2
Cookies

24 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!