gls-hu.cpays-offer.site Open in urlscan Pro
2606:4700:3034::ac43:9230 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cvsdvb.com/f5c0170f
Effective URL:
https://gls-hu.cpays-offer.site/safedeal/263486845552
Submission: On December 03 via manual (December 3rd 2023, 9:32:32 pm UTC) from HU — Scanned from DE

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3034::ac43:9230, located in United States and belongs to CLOUDFLARENET, US. The main domain is gls-hu.cpays-offer.site.
TLS certificate: Issued by GTS CA 1P5 on November 26th 2023. Valid for: 3 months.

This is the only time gls-hu.cpays-offer.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3034::6815:47b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 17	2606:4700:303... 2606:4700:3034::ac43:9230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
6	2606:4700:303... 2606:4700:3032::6815:15f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::ac43:96ca	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	7

1 2606:4700:3034::6815:47b6 (United States)

ASN13335 (CLOUDFLARENET, US)

cvsdvb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:3034::ac43:9230 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gls-hu.cpays-offer.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3032::6815:15f1 (United States)

ASN13335 (CLOUDFLARENET, US)

jpay-page.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:96ca (United States)

ASN13335 (CLOUDFLARENET, US)

cdn1.iconfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	cpays-offer.site 1 redirects gls-hu.cpays-offer.site	162 KB
6	jpay-page.site jpay-page.site	102 KB
3	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	91 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	iconfinder.com cdn1.iconfinder.com — Cisco Umbrella Rank: 61036	18 KB
1	cvsdvb.com cvsdvb.com	979 B
29	6

	Domain	Requested by
17	gls-hu.cpays-offer.site	1 redirects cvsdvb.com gls-hu.cpays-offer.site code.jquery.com
6	jpay-page.site	gls-hu.cpays-offer.site code.jquery.com
3	code.jquery.com	gls-hu.cpays-offer.site jpay-page.site
2	fonts.googleapis.com	gls-hu.cpays-offer.site jpay-page.site
1	cdn1.iconfinder.com	gls-hu.cpays-offer.site
1	cvsdvb.com
29	6

This site contains no links.

Subject Issuer	Validity	Valid
cvsdvb.com GTS CA 1P5	`2023-11-28` - `2024-02-26`	3 months	crt.sh
cpays-offer.site GTS CA 1P5	`2023-11-26` - `2024-02-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
jpay-page.site GTS CA 1P5	`2023-11-28` - `2024-02-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-13` - `2024-02-12`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://gls-hu.cpays-offer.site/safedeal/263486845552
Frame ID: F1664A431F1AE9ACE7B206EEB79FD68B
Requests: 23 HTTP requests in this frame

Frame: https://jpay-page.site/nwbt/bot-api/chat.php?chat_id=263486845552&service=glshu2.0
Frame ID: 422E2ED08338A51B33017CCF1121E602
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Honor Pad X8 - bontatlan

Page URL History Show full URLs

https://cvsdvb.com/f5c0170f Page URL
https://gls-hu.cpays-offer.site/safedeal/263486845552 HTTP 302
https://gls-hu.cpays-offer.site/safedeal/263486845552 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

375 kB
Transfer

1413 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cvsdvb.com/f5c0170f Page URL
https://gls-hu.cpays-offer.site/safedeal/263486845552 HTTP 302
https://gls-hu.cpays-offer.site/safedeal/263486845552 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 f5c0170f
cvsdvb.com/ 1 KB
979 B 416ms
370ms Document
text/html 2606:4700:3034::6815:47b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cvsdvb.com/f5c0170f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:47b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82feec16ee80bb74-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 03 Dec 2023 21:32:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9njKQsJc6I1laBXqNt1RB8PcdVN1gxDg4Vtj%2BGbfSwl9HUvdJ2vUlB7zPY6NL7tGGdDyobMHqf5Yx5Mryh9AInduFVrnRIQ8m%2BEHbL2MwSrEUSHqu%2BLkvMRBz%2F13wfxPfo90onm4RYWX"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2

200

Primary Request 263486845552 Show response
gls-hu.cpays-offer.site/safedeal/
Redirect Chain

https://gls-hu.cpays-offer.site/safedeal/263486845552
https://gls-hu.cpays-offer.site/safedeal/263486845552

793 KB
103 KB

432ms
431ms

Document
text/html

2606:4700:3034::ac43:9230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gls-hu.cpays-offer.site/safedeal/263486845552
Requested by: Host: cvsdvb.com
URL: https://cvsdvb.com/f5c0170f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddcfff14b0bdf123859acbb8fc8b74835cd96f8e58ff399f0ac3aa40e5ff5525

Request headers

Referer: https://cvsdvb.com/f5c0170f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
baloo-proxy: 1.4
cf-cache-status: DYNAMIC
cf-ray: 82feec1bce8b2bec-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 21:32:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddi8OtW1HBTl7T6DCwLI7FLpaXqr1c%2FhBQ4S6mW9m3lFCTMvJ5H%2BNNmxUL5MMf4yoEPpMRq9LWt3oFNCL7zTEonznEtDATxD6vYmEx0ANRsVUXXWLgUWO04%2Fc%2FMBPx3XjHI8u0eP95cT21jBP6WBfyafDu8hsA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
baloo-proxy: 1.4
cf-cache-status: DYNAMIC
cf-ray: 82feec19bc7b2bec-FRA
content-type: text/html; charset=utf-8
date: Sun, 03 Dec 2023 21:32:26 GMT
location: /safedeal/263486845552
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QD0XfJELSVmVBV7tcs8iMGLlaIpP7R3KjSUOEIbsIT8YRItZvf2bVKwsIKhZeKBoTTqC%2FPOkyxKjcB1f8MRTFss7wh2Vcpf2U5c7ZNd%2BNNwAxJfMsNdrEytXSB04Zksu1hz1hzXySz0h3nYzmvXb0%2BLIxzasYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 696 B
873 B 36ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined

Requested by

Host: gls-hu.cpays-offer.site
URL: https://gls-hu.cpays-offer.site/safedeal/263486845552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf2ac384cf7d16f313de6d2e489d1913564574675fe35245344f286d5080508a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gls-hu.cpays-offer.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 21:32:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 21:32:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 21:32:27 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 38ms
7ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: gls-hu.cpays-offer.site
URL: https://gls-hu.cpays-offer.site/safedeal/263486845552
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://gls-hu.cpays-offer.site/
Origin: https://gls-hu.cpays-offer.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:27 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1036530
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-fra-eddf8230062-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1701639147.313993,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 4, 1020162

GET
H3 404 support_parent.css
gls-hu.cpays-offer.site/assets// 0
0 376ms
375ms Stylesheet
text/html 2606:4700:3034::ac43:9230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gls-hu.cpays-offer.site/assets//support_parent.css
Requested by: Host: gls-hu.cpays-offer.site
URL: https://gls-hu.cpays-offer.site/safedeal/263486845552
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gls-hu.cpays-offer.site/safedeal/263486845552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:27 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache: MISS
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpGWz9Buns2GffhLKHmeEgLompMQEiDbTBJNvEMC4OABLGf2ucNWuIKZqW2PzgMm5MAO22ISVvkXGEG%2FqTewHpKyEmHfzKMTLVPZK6Hkl5cAAr7UXasZvNLX%2Fl3E6dBVwkTtijmxCROBBkb2R3FGnviixbo8gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
baloo-proxy: 1.4
cf-ray: 82feec1e8a300e48-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap.css
gls-hu.cpays-offer.site/assets// 157 KB
25 KB 598ms
598ms Stylesheet
text/css 2606:4700:3034::ac43:9230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gls-hu.cpays-offer.site/assets//bootstrap.css
Requested by: Host: gls-hu.cpays-offer.site
URL: https://gls-hu.cpays-offer.site/safedeal/263486845552
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gls-hu.cpays-offer.site/safedeal/263486845552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 17 May 2023 08:04:06 GMT
proxy-cache: MISS
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"2722e-5fbdf21bf0980-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZQsDtfXuBOthjLVS1ZYfXZPdEwhLHT4dh5TQ9zch420bBousGa%2Fvinil6lBnRcHQ54oanrJUDHHbOpGTHfdvpMNfBOiqHTp%2FwDqmvE5jMmNiG2%2BYQUtTy9V4unWYBi5Tj%2FpapNhMHAFTI5ATicFa9nNZ7kFXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
baloo-proxy: 1.4
cf-ray: 82feec21aeb70e48-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 chat.css
gls-hu.cpays-offer.site/ 6 KB
2 KB 396ms
395ms Stylesheet
text/css 2606:4700:3034::ac43:9230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gls-hu.cpays-offer.site/chat.css
Requested by: Host: gls-hu.cpays-offer.site
URL: https://gls-hu.cpays-offer.site/safedeal/263486845552
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76b631236e00fdd55837e540e668f88aae9faafadd5e1d20a30aa27ed59754da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gls-hu.cpays-offer.site/safedeal/263486845552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 07 Jul 2023 10:01:07 GMT
proxy-cache: MISS
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"1771-5ffe2b6231ec0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bu9%2Ffk%2BXR%2BRYfa%2FjEuVqOxbUEDuj4Fe8F7%2BSTtanNRExqIcH%2FuojnQogVZLA5pWwszNrgVlAICodl9F9mwl4GH9C%2FT835v0dNrf3Ky9p1ZoCK%2FD2oFIhPp0mhOH8lgGIEL3MCJKnMWsZne0jbv9LFonAq5G1ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
baloo-proxy: 1.4
cf-ray: 82feec21aeb90e48-AMS
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eeda67bd2327a192aa3de335daf55743804d8a4dc2695311bd3e57b38c4e0cb4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 263486845552.png
jpay-page.site/nwbt/temp/ 86 KB
86 KB 921ms
879ms Image
image/png 2606:4700:3032::6815:15f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jpay-page.site/nwbt/temp/263486845552.png
Requested by: Host: gls-hu.cpays-offer.site
URL: https://gls-hu.cpays-offer.site/safedeal/263486845552
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:15f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d23022b3cac4d11a536d0b16c9ad8bc405ca1274b6100e09189c98ff20ad464

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gls-hu.cpays-offer.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 87586
last-modified: Sun, 03 Dec 2023 18:25:03 GMT
proxy-cache: MISS
server: cloudflare
etag: "656cc7ff-15622"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hknWhlZgDD5hmGwPFTeumRsnCZWnsy1BKajr01twRPrRFmY%2B5tAocTCTPMS0%2FaL9UC5Pc9fhJ6w1nw34iXwyLtHdgFiK%2Bf%2FhfCtDJQnGQQM4a18HblXc7Sv4VeczSxEJ9C%2FE4JmfrZbNifNiUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
baloo-proxy: 1.4
accept-ranges: bytes
cf-ray: 82feec21e8e0bb47-FRA
expires: Mon, 04 Dec 2023 21:32:28 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ 88 KB
30 KB 7ms
7ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: gls-hu.cpays-offer.site
URL: https://gls-hu.cpays-offer.site/safedeal/263486845552
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://gls-hu.cpays-offer.site/
Origin: https://gls-hu.cpays-offer.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:27 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2255634
x-cache: HIT, HIT
content-length: 30957
x-served-by: cache-lga13629-LGA, cache-fra-eddf8230062-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1701639148.788330,VS0,VE0
etag: W/"28feccc0-15e40"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 1, 191549

GET
H2 200 30-512.png
cdn1.iconfinder.com/data/icons/color-bold-style/21/ 17 KB
18 KB 55ms
20ms Image
image/png 2606:4700:3035::ac43:96ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.iconfinder.com/data/icons/color-bold-style/21/30-512.png

Requested by

Host: gls-hu.cpays-offer.site
URL: https://gls-hu.cpays-offer.site/safedeal/263486845552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:96ca , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

294c6b42af175d4648860c40e62a83fb0983503f0a782aea8901541f3c69dcf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gls-hu.cpays-offer.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:28 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 2047362
content-disposition: inline; filename="2930368.png"
alt-svc: h3=":443"; ma=86400
content-length: 17890
x-request-id: fcdd0be6-b0a0-472f-89b9-dcc3c0467c78
last-modified: Sun, 05 Nov 2023 05:51:19 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fw1grzF0LzLvh52%2FtpmlxHilV54VbtMDVmXMsJpxfa6INzTRA8R5pK6YZSsnLJpnhhPxj4mlvZ5sF4f0Al771lx0AltdZBdFggVa0hI7bfE2yXew3ii97KQzN76O7TVMasAZeclTDaGvt%2Bg8RzhcY0nr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 82feec25ba653636-FRA
expires: Mon, 02 Dec 2024 21:32:28 GMT

GET
H3 200 delivery.png
gls-hu.cpays-offer.site/assets/ 27 KB
28 KB 622ms
622ms Image
image/png 2606:4700:3034::ac43:9230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gls-hu.cpays-offer.site/assets/delivery.png
Requested by: Host: gls-hu.cpays-offer.site
URL: https://gls-hu.cpays-offer.site/safedeal/263486845552
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 376d7167fc8be8c9744b35b7133e9f64c9de89dee3761ce0057587ce50e9ae55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gls-hu.cpays-offer.site/safedeal/263486845552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 28100
last-modified: Wed, 17 May 2023 08:04:06 GMT
proxy-cache: MISS
server: cloudflare
etag: "6dc4-5fbdf21bf0980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIfOPa4xhmkUBXRXuw6rItsgq4joyoInXeePQ4NBzWARlvykUjR5VtsEPMkhipn5q19WJmveoVi3FksCW4hqR4DJAdZvEvqWeKcou%2BDa%2BEmjHD9anvjReWVOcBJFNDfrnmf9gWeLyUXTEjQe4ivm%2By5%2FNyGPfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
baloo-proxy: 1.4
accept-ranges: bytes
cf-ray: 82feec258c3f0e48-AMS

GET
H3 404 firasans-medium.6d0873.woff
gls-hu.cpays-offer.site/build/fonts/ 0
0 390ms
390ms Font
text/html 2606:4700:3034::ac43:9230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gls-hu.cpays-offer.site/build/fonts/firasans-medium.6d0873.woff
Requested by: Host: gls-hu.cpays-offer.site
URL: https://gls-hu.cpays-offer.site/safedeal/263486845552
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://gls-hu.cpays-offer.site/safedeal/263486845552
Origin: https://gls-hu.cpays-offer.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:28 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache: MISS
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfC9g2SBeWQMsdQ7bSPemtyqYTakE371xl3ZF89TEbjC1dRfsZCubA9%2FcMK%2BiHSLLgmSRdRXKszDx898pVK6WPkAwe8dn3hCXh1LrrJlK3vxDNrMVOC9R4XDQLOY17lSK3wUMDSAQiQY3wsPXCtXQDV29fGzzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
baloo-proxy: 1.4
cf-ray: 82feec258c400e48-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 chat.php Show response
jpay-page.site/nwbt/bot-api/ Frame 422E 59 KB
13 KB 376ms
376ms Document
text/html 2606:4700:3032::6815:15f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jpay-page.site/nwbt/bot-api/chat.php?chat_id=263486845552&service=glshu2.0
Requested by: Host: gls-hu.cpays-offer.site
URL: https://gls-hu.cpays-offer.site/safedeal/263486845552
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:15f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c43679c2ba9d8c92705d2e3052eead21df7d005279e8af197fb6bb857af65de

Request headers

Referer: https://gls-hu.cpays-offer.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
baloo-proxy: 1.4
cf-cache-status: DYNAMIC
cf-ray: 82feec259ce0bb47-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 21:32:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDID4BwjiLOPYzV8XDIXqxsxkHMGVGbujHu9SNLaSUwhBaT3l3qR%2FRZUmHeWCSvsUIu9azTYDWwzuT6ujXMLxb0iwmPahJKSzqfTf%2Bni9ZIWhvpsQ5RZl5P8DGMNyJoUm7VhBKkuBJao4crWwg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ Frame 422E 86 KB
30 KB 51ms
18ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: jpay-page.site
URL: https://jpay-page.site/nwbt/bot-api/chat.php?chat_id=263486845552&service=glshu2.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jpay-page.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:28 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 6836949
x-cache: HIT, HIT
content-length: 30638
x-served-by: cache-lga21965-LGA, cache-fra-eddf8230124-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1701639149.823827,VS0,VE0
etag: W/"28feccc0-15851"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 454, 269739

GET
H2 200 css2
fonts.googleapis.com/ Frame 422E 2 KB
668 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat&display=swap

Requested by

Host: jpay-page.site
URL: https://jpay-page.site/nwbt/bot-api/chat.php?chat_id=263486845552&service=glshu2.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae427a9b14139b41e89b8e50b3616f15408f23e8b31214e5458831af604e4eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jpay-page.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 21:32:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 21:24:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 21:32:28 GMT

GET
H3 404 firasans-medium.12a58b.ttf
gls-hu.cpays-offer.site/build/fonts/ 0
0 377ms
377ms Font
text/html 2606:4700:3034::ac43:9230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gls-hu.cpays-offer.site/build/fonts/firasans-medium.12a58b.ttf
Requested by: Host: gls-hu.cpays-offer.site
URL: https://gls-hu.cpays-offer.site/safedeal/263486845552
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://gls-hu.cpays-offer.site/safedeal/263486845552
Origin: https://gls-hu.cpays-offer.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:29 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache: MISS
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8sNRxsgtxqJIOQgrboLpqV3pAfiwX6Hf3hLlu73gnmJu2ayMDLMxY7PU%2BR0NZtekdumqq5UOilcHGTt0KBaYUJnM24QDhcSCrPp3nzw44YAgmobowsXpiU0kGLQtYnBB6%2BpKWoG2MX%2FJqFTLHIeww94T32j4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
baloo-proxy: 1.4
cf-ray: 82feec27ff570e48-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 chat.php Show response
jpay-page.site/nwbt/bot-api/ Frame 422E 439 B
511 B 265ms
265ms XHR
text/html 2606:4700:3032::6815:15f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jpay-page.site/nwbt/bot-api/chat.php?api=true&chat_id=263486845552&service=glshu2.0&getMessages=true
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:15f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6566a9e908720aa7e1cd8dbf1ae032c89e70a02a0385057c7dd9906cbc4d3253

Request headers

Accept: */*
Referer: https://jpay-page.site/nwbt/bot-api/chat.php?chat_id=263486845552&service=glshu2.0
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache: MISS
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FHMbfGAMpTrYZ1HRFqJS%2BQeie3uygKAE2Mezbupdey%2BkClYRPixPnqg65APdJ6QhEUAI789VPD66TajpE9BEZg%2FzJuGaJy1W8blIVwova%2BSZLzyq7o8EYVtlQO5HKaUQcmz0EO2kWI6YZhWiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
baloo-proxy: 1.4
cf-ray: 82feec28f823bb47-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 opensans-semibold.1d8cbd.woff
gls-hu.cpays-offer.site/build/fonts/ 0
0 387ms
387ms Font
text/html 2606:4700:3034::ac43:9230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gls-hu.cpays-offer.site/build/fonts/opensans-semibold.1d8cbd.woff
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://gls-hu.cpays-offer.site/safedeal/263486845552
Origin: https://gls-hu.cpays-offer.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:29 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache: MISS
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0YgGLPDeffHQlHztOZeofrTE9jhJpqENTuBwTW25A3DH2HN%2BX0owymjcZsMqnvn3dW28u0SdkeXUetNKHVIbKVMcvRStDr1r5azjq80%2Fx19BJtTdHXXqSE8bIwSm6uefaf%2FcQCab%2FSk3F1oM4Dqp9cAQtZdyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
baloo-proxy: 1.4
cf-ray: 82feec2a59cb0e48-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 getStatus.php Show response
gls-hu.cpays-offer.site/ 4 B
460 B 386ms
385ms XHR
text/html 2606:4700:3034::ac43:9230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gls-hu.cpays-offer.site/getStatus.php?page_id=263486845552
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept: */*
Referer: https://gls-hu.cpays-offer.site/safedeal/263486845552
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache: MISS
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0J50e5PiJ8xdUbaay73YFoTfwHCIVOCqCvu9tZTETITtJ3qAgAtAAWCtXFgoCVkLRPZQM08PSeR3Pqqn3Eq9pY19kR2YD9iv6WCYxtekOJr%2FVUMqiv3WAkeWoCCaLKgKrFu%2FAe9hphD4vgK42XqbC1EVQnOKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
baloo-proxy: 1.4
cf-ray: 82feec2beb960e48-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 404 opensans-semibold.e1c83f.ttf
gls-hu.cpays-offer.site/build/fonts/ 0
0 386ms
385ms Font
text/html 2606:4700:3034::ac43:9230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gls-hu.cpays-offer.site/build/fonts/opensans-semibold.e1c83f.ttf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://gls-hu.cpays-offer.site/safedeal/263486845552
Origin: https://gls-hu.cpays-offer.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:29 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache: MISS
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2TRyOiKHrssNVlhqHz0iittL%2BD2MiI6WjCSBTiOxa4Xlysc6VyYMXNsJe6%2BbGhqZWhd%2BVCM4cbs4ZUddLPpMwWv%2Fnc6lS7dYIMcmBxfnLZOuBkMSc%2FiqrvEK%2BOj9UsJewyxWgBWjk%2FKg9boeuPp%2F08r89w5c%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
baloo-proxy: 1.4
cf-ray: 82feec2ccc920e48-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 chat.php Show response
jpay-page.site/nwbt/bot-api/ Frame 422E 439 B
690 B 441ms
441ms XHR
text/html 2606:4700:3032::6815:15f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jpay-page.site/nwbt/bot-api/chat.php?api=true&chat_id=263486845552&service=glshu2.0&getMessages=true
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:15f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6566a9e908720aa7e1cd8dbf1ae032c89e70a02a0385057c7dd9906cbc4d3253

Request headers

Accept: */*
Referer: https://jpay-page.site/nwbt/bot-api/chat.php?chat_id=263486845552&service=glshu2.0
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache: MISS
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FsYCYWKnzElQCthYFsdrOppwRQ5UTPN6zgqYD5CE1YLwdq7bRExcB7CZ3w7sXxZy2cIdMNSjgH6zFBy7i8%2F9joOMucBhpuh3umKpUi5g2NVB%2FNRlZwdScE9ekDU9vMzvs7TPLUi2tGBOuAOUQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
baloo-proxy: 1.4
cf-ray: 82feec2f3a7c6570-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 newMsg.php Show response
gls-hu.cpays-offer.site/ 5 B
462 B 311ms
311ms XHR
text/html 2606:4700:3034::ac43:9230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gls-hu.cpays-offer.site/newMsg.php?page_id=263486845552&page=safedeal
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Accept: */*
Referer: https://gls-hu.cpays-offer.site/safedeal/263486845552
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache: MISS
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDhUNwiSZpbq9chB82IwZvLzxuPYFKl6kxresrObmrveHOesvF%2Bfmgd7NYAmOi8FKtKp0m9Lk%2BJU58Jx9OpqAG9YMk86aDFN6F2yWMkJA08RkV1fg9cafn8QV1AzckSrozcMCgu2RGpk7UuAy%2F9PzACuYPlTWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
baloo-proxy: 1.4
cf-ray: 82feec3098890e48-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 getStatus.php Show response
gls-hu.cpays-offer.site/ 4 B
458 B 373ms
372ms XHR
text/html 2606:4700:3034::ac43:9230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gls-hu.cpays-offer.site/getStatus.php?page_id=263486845552
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept: */*
Referer: https://gls-hu.cpays-offer.site/safedeal/263486845552
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache: MISS
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geUInHxRjvAmpFUuDhZaXkLInpL50QF4snosSRkKHvclhr6eOtpVB4wt9lX0X8sXlGGLmzhnDiWWNyVtEuMDFmKP7Yc8sRORNEC%2FOTrvSbNLEt3bRrUza1MvNpfzpjq72GDjaGo1EPy2ONFavcVo5wgGOjMqlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
baloo-proxy: 1.4
cf-ray: 82feec322a610e48-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 chat.php Show response
jpay-page.site/nwbt/bot-api/ Frame 422E 439 B
659 B 322ms
322ms XHR
text/html 2606:4700:3032::6815:15f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jpay-page.site/nwbt/bot-api/chat.php?api=true&chat_id=263486845552&service=glshu2.0&getMessages=true
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:15f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6566a9e908720aa7e1cd8dbf1ae032c89e70a02a0385057c7dd9906cbc4d3253

Request headers

Accept: */*
Referer: https://jpay-page.site/nwbt/bot-api/chat.php?chat_id=263486845552&service=glshu2.0
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache: MISS
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2F2PSzqKmiNbGblyIl2A5p0SgZXC%2BqoHYs%2F9kimAGRnt%2B2ku2PqB2FNUGI0M2VdvyzdmndnYGSIhyVpJO8PgSeztFXKXEAonaWl7RS%2BGE04zbYf01Ubf9ONkfy3Vc4jZ%2BDRQtjrbZqYPGLNQSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
baloo-proxy: 1.4
cf-ray: 82feec357cd66570-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 newMsg.php Show response
gls-hu.cpays-offer.site/ 5 B
459 B 311ms
311ms XHR
text/html 2606:4700:3034::ac43:9230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gls-hu.cpays-offer.site/newMsg.php?page_id=263486845552&page=safedeal
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Accept: */*
Referer: https://gls-hu.cpays-offer.site/safedeal/263486845552
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache: MISS
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4wRLKHSHDyDq1d1x9eSP0mTEQgiH3rwA2eiSXnGcLG%2BpAu3eEr4417niPzhxzNNepJ6BokggkzAPbJY1xPOAzmUD0flUj2WHsoeqwY0FvmbfxohWTQ4aclpoDBvNEhkTWIXsGB1JCb0vKELhIqUYh52cdNIPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
baloo-proxy: 1.4
cf-ray: 82feec36d9450e48-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 getStatus.php Show response
gls-hu.cpays-offer.site/ 4 B
467 B 215ms
215ms XHR
text/html 2606:4700:3034::ac43:9230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gls-hu.cpays-offer.site/getStatus.php?page_id=263486845552
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept: */*
Referer: https://gls-hu.cpays-offer.site/safedeal/263486845552
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache: MISS
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asrJNQN1xvCRV1fOkDG4FNrKj5g5r7%2Bwpa%2BrOlXpdLHboJDkM1JuS%2BlpKsQoDPIs2ELhTl6O%2Fhlxw3L0dt%2BeuJpcu3yTSBIdeEppUYVjxKMS%2BRQeYrpw5C3MaUmrytw26rmObDV%2BYAc15EpT6mHMy5fjSeZCCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
baloo-proxy: 1.4
cf-ray: 82feec386b0d0e48-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 chat.php Show response
jpay-page.site/nwbt/bot-api/ Frame 422E 439 B
655 B 280ms
279ms XHR
text/html 2606:4700:3032::6815:15f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jpay-page.site/nwbt/bot-api/chat.php?api=true&chat_id=263486845552&service=glshu2.0&getMessages=true
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:15f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6566a9e908720aa7e1cd8dbf1ae032c89e70a02a0385057c7dd9906cbc4d3253

Request headers

Accept: */*
Referer: https://jpay-page.site/nwbt/bot-api/chat.php?chat_id=263486845552&service=glshu2.0
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache: MISS
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HIu%2B9rlK3yBt7n%2Bb4OUX281voXC62DsLihxflcuJp5do%2Bnm0n9merxMisiF0gDkjzZg8J%2BJtiC0IlTjbIiSa%2B4S4pr4x1748M0CDanrxUQgosIln3VvEoOBAZjO7ehPI3S3QE6Lo9Hmtde%2FavQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
baloo-proxy: 1.4
cf-ray: 82feec3bbdcc6570-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 newMsg.php Show response
gls-hu.cpays-offer.site/ 5 B
465 B 303ms
302ms XHR
text/html 2606:4700:3034::ac43:9230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gls-hu.cpays-offer.site/newMsg.php?page_id=263486845552&page=safedeal
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Accept: */*
Referer: https://gls-hu.cpays-offer.site/safedeal/263486845552
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache: MISS
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0q8CBmLsHQTOgfpiRyaX0LUS0%2Fma4dq2a1AYSHDAKM5CeJXcGnJuhyf908w8kMQc%2FGgBoK6vwNWFldUcZv7l5vyVKClUrge2Mf%2B4fnaKyZbUHeljnoQsfBvVrhcYa1fBxlPehHDypzd9G8RMyyJTo%2B%2BUH0WkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
baloo-proxy: 1.4
cf-ray: 82feec3d197f0e48-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 getStatus.php Show response
gls-hu.cpays-offer.site/ 4 B
465 B 214ms
214ms XHR
text/html 2606:4700:3034::ac43:9230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gls-hu.cpays-offer.site/getStatus.php?page_id=263486845552
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept: */*
Referer: https://gls-hu.cpays-offer.site/safedeal/263486845552
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:32:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache: MISS
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWC%2Bdp0FpLFxWdTRDN%2FInw2ZAoewjUlgRFJRihKuwZ5XnAWUG6vuBYUo%2BBVR6hC0drrbD%2F2OsiuFmh3rhUtkXULsRkHoDpfPJQuYQKHOL78Xbhy2oC62Cu6IOZLAvu9XwnjqSAtSVKUN34cyvXSSDTqMlklYrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
baloo-proxy: 1.4
cf-ray: 82feec3eab7d0e48-AMS
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gls-hu.cpays-offer.site/	1969-12-31 23:59:59	Name: _1__bProxy_v Value: 0e5ec993dd8db18c98c6610fd795a8cf48601dc4c71cf093ef230c507ea212c4

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gls-hu.cpays-offer.site/assets//support_parent.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gls-hu.cpays-offer.site/build/fonts/firasans-medium.6d0873.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gls-hu.cpays-offer.site/build/fonts/firasans-medium.12a58b.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gls-hu.cpays-offer.site/build/fonts/opensans-semibold.1d8cbd.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gls-hu.cpays-offer.site/build/fonts/opensans-semibold.e1c83f.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn1.iconfinder.com
code.jquery.com
cvsdvb.com
fonts.googleapis.com
gls-hu.cpays-offer.site
jpay-page.site
2606:4700:3032::6815:15f1
2606:4700:3034::6815:47b6
2606:4700:3034::ac43:9230
2606:4700:3035::ac43:96ca
2a00:1450:4001:831::200a
2a04:4e42:200::649
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
294c6b42af175d4648860c40e62a83fb0983503f0a782aea8901541f3c69dcf5
376d7167fc8be8c9744b35b7133e9f64c9de89dee3761ce0057587ce50e9ae55
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
6566a9e908720aa7e1cd8dbf1ae032c89e70a02a0385057c7dd9906cbc4d3253
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
76b631236e00fdd55837e540e668f88aae9faafadd5e1d20a30aa27ed59754da
9c43679c2ba9d8c92705d2e3052eead21df7d005279e8af197fb6bb857af65de
9d23022b3cac4d11a536d0b16c9ad8bc405ca1274b6100e09189c98ff20ad464
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
ae427a9b14139b41e89b8e50b3616f15408f23e8b31214e5458831af604e4eb0
cf2ac384cf7d16f313de6d2e489d1913564574675fe35245344f286d5080508a
ddcfff14b0bdf123859acbb8fc8b74835cd96f8e58ff399f0ac3aa40e5ff5525
eeda67bd2327a192aa3de335daf55743804d8a4dc2695311bd3e57b38c4e0cb4
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

gls-hu.cpays-offer.site Open in urlscan Pro 2606:4700:3034::ac43:9230 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

100 %HTTPS

100 %IPv6

6 Domains

6 Subdomains

7 IPs

2 Countries

375 kBTransfer

1413 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gls-hu.cpays-offer.site Open in urlscan Pro
2606:4700:3034::ac43:9230 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

375 kB
Transfer

1413 kB
Size

1
Cookies

29 HTTP transactions
1 data transactions