paynets.online
2a00:f940:2:2:1:1:0:112 Malicious Activity!

URL: http://paynets.online/
Submission: On March 13 via manual from MY — Scanned from DE

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 28 HTTP transactions. The main IP is 2a00:f940:2:2:1:1:0:112, located in the Russian Federation and belonging to AS-REG, RU. The main domain is paynets.online.
This is the only time paynets.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Visa (Financial)

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
8 | replain.cc | widget.replain.cc (Cisco Umbrella Rank: 333978), app.replain.cc (Cisco Umbrella Rank: 336212) | 184 KB
6 | gstatic.com | fonts.gstatic.com | 73 KB
4 | paynets.online | paynets.online | 253 KB
3 | githubusercontent.com | raw.githubusercontent.com (Cisco Umbrella Rank: 4700) | 127 KB
2 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 251), fonts.googleapis.com (Cisco Umbrella Rank: 35) | 32 KB
2 | bootstrapcdn.com | maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 620) | 40 KB
1 | snipp.ru | snipp.ru | 2 KB
1 | unpkg.com | unpkg.com (Cisco Umbrella Rank: 821) | 2 KB
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 194) | 31 KB
Total: 28 requests, 9 apex domains

Requests | Domain | Requested by
6 | fonts.gstatic.com | fonts.googleapis.com
5 | widget.replain.cc | paynets.online, widget.replain.cc
4 | paynets.online | paynets.online
3 | app.replain.cc | widget.replain.cc
3 | raw.githubusercontent.com | paynets.online
2 | maxcdn.bootstrapcdn.com | paynets.online
1 | fonts.googleapis.com | paynets.online
1 | snipp.ru | paynets.online
1 | ajax.googleapis.com | paynets.online
1 | unpkg.com | paynets.online
1 | cdnjs.cloudflare.com | paynets.online
Total: 28 requests, 11 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
www.github.com | DigiCert SHA2 High Assurance Server CA | 2020-05-06 - 2022-04-14 | 2 years (crt.sh)
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year (crt.sh)
upload.video.google.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months (crt.sh)
snipp.ru | R3 | 2022-02-07 - 2022-05-08 | 3 months (crt.sh)
*.gstatic.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months (crt.sh)
widget.replain.cc | R3 | 2022-02-16 - 2022-05-17 | 3 months (crt.sh)
webview.replain.cc | R3 | 2022-01-14 - 2022-04-14 | 3 months (crt.sh)

This page contains 2 frames:

Primary Page: http://paynets.online/
Frame ID: 669FACA34B93A6FDE54B8B626209DF5A
Requests: 21 HTTP requests in this frame

Frame: https://widget.replain.cc/dist/css/app.f69517de.css
Frame ID: E965A7A34CAC48CB845B690C39E66E83
Requests: 6 HTTP requests in this frame

Screenshot

Page Title

Оплата (Payment)

Detected technologies

Bootstrap (overall confidence: 100%)
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (overall confidence: 100%)
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

jQuery (overall confidence: 100%)
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 28
HTTPS: 86 %
IPv6: 82 %
Domains: 9
Subdomains: 11
IPs: 11
Countries: 3
Transfer: 745 kB
Size: 1369 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request / | paynets.online/ | 90 KB | 32 KB | Document
General
Full URL
http://paynets.online/
Protocol
HTTP/1.1
Server
2a00:f940:2:2:1:1:0:112 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx / PHP/7.4.27
Resource Hash
1348641771d9c6ef36801b42d2ffcd698df071d6463ae86ce992bf44a78c2633

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Sun, 13 Mar 2022 20:27:53 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.27
Content-Encoding
gzip

main1.css | paynets.online/ | 13 KB | 3 KB | Stylesheet
General
Full URL
http://paynets.online/main1.css
Requested by
Host: paynets.online
URL: http://paynets.online/
Protocol
HTTP/1.1
Server
2a00:f940:2:2:1:1:0:112 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
c9fea33459d13044c2ed5045928e7791bb22257173dc4dd0ad7cd31204d936b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://paynets.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 20:27:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Mar 2022 08:30:29 GMT
Server
nginx
ETag
W/"6229b725-3343"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=3888000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 27 Apr 2022 20:27:53 GMT

chip.png | raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/ | 16 KB | 17 KB | Image
General
Full URL
https://raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/chip.png
Requested by
Host: paynets.online
URL: http://paynets.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
612d3c3f8efad0b9073b164950a2c3b5ed6d73e214fe539e6c21b4f18fed0ad8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://paynets.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-fastly-request-id
40012ba58bbe0b02b40b9e383659c4fe73803253
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
via
1.1 varnish
x-content-type-options
nosniff
x-cache
HIT
x-cache-hits
2
vary
Authorization,Accept-Encoding,Origin
content-length
16470
x-xss-protection
1; mode=block
x-served-by
cache-hhn4075-HHN
x-github-request-id
FFF2:430D:AC3C1B:B3A617:62157E9B
x-timer
S1647203273.111549,VS0,VE0
x-frame-options
deny
date
Sun, 13 Mar 2022 20:27:53 GMT
source-age
114
strict-transport-security
max-age=31536000
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
etag
W/"0eef0729fb842b647b8e55e6077eb705bfff46d0f861a866fe759566cb54d035"
accept-ranges
bytes
expires
Sun, 13 Mar 2022 20:32:53 GMT

vue.min.js | cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/ | 91 KB | 31 KB | Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js
Requested by
Host: paynets.online
URL: http://paynets.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://paynets.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 20:27:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1379892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30769
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0402c-16deb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B68h%2FO%2FamOW9cIINUoht1M%2B1R1IdYsPKbDek6T0yhAHHArgKQGhS9i7LPQghq3%2FqZpSNY2gRY3vd39yAk6Z6ZaN8F%2BQJlJ45ibH0AKmmCyL%2BSlh8I1cIDSE0OHrluvv8PvPoNe538OgjNuCygDAEBQBW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb783491f3668eb-FRA
expires
Fri, 03 Mar 2023 20:27:53 GMT

vue-the-mask.js | unpkg.com/vue-the-mask@0.11.1/dist/ | 5 KB | 2 KB | Script
General
Full URL
https://unpkg.com/vue-the-mask@0.11.1/dist/vue-the-mask.js
Requested by
Host: paynets.online
URL: http://paynets.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ef6dd0c1dbd61b792f7791c989d68b3939263c502269643f8e96c28f7e49a15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://paynets.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 20:27:53 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
1159454
fly-request-id
01FWZXPT6DBK3QC7Q8CV1GP6NA-fra
content-encoding
br
vary
Accept-Encoding
last-modified
Tue, 10 Oct 2017 17:43:56 GMT
server
cloudflare
etag
W/"1281-ojkEKEJwDFSwzNnN7s8unltOATY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6eb783498c5e9a3c-FRA

main.js | paynets.online/ | 2 KB | 1 KB | Script
General
Full URL
http://paynets.online/main.js
Requested by
Host: paynets.online
URL: http://paynets.online/
Protocol
HTTP/1.1
Server
2a00:f940:2:2:1:1:0:112 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
b5c17252ad773fe8ca84e0c09474290d5d3ce0521a1e00a028f0a226b881abc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://paynets.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 20:27:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Mar 2022 08:30:29 GMT
Server
nginx
ETag
W/"6229b725-8d4"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3888000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 27 Apr 2022 20:27:53 GMT

bootstrap.min.css | maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/ | 157 KB | 25 KB | Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
Requested by
Host: paynets.online
URL: http://paynets.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://paynets.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 20:27:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617
age
4099537
cdn-cachedat
2021-06-08 14:34:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:11 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
d45111ebe65160a53e36d081c4a375ca
cf-ray
6eb7834a4aa2922b-FRA
cdn-requestcountrycode
US
cdn-requestpullsuccess
True

jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.5.1/ | 87 KB | 31 KB | Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: paynets.online
URL: http://paynets.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://paynets.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 17:42:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
528332
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Mar 2023 17:42:21 GMT

bootstrap.min.js | maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/ | 59 KB | 16 KB | Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
Requested by
Host: paynets.online
URL: http://paynets.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://paynets.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 20:27:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617
age
4099538
cdn-cachedat
2021-06-03 21:35:35
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:11 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
2cb00a37491ee52b7f77e4c15001e1f8
cf-ray
6eb7834a4aa7922b-FRA
cdn-requestcountrycode
US
cdn-requestpullsuccess
True

wait.gif | paynets.online/assets/img/ | 217 KB | 217 KB | Image
General
Full URL
http://paynets.online/assets/img/wait.gif
Requested by
Host: paynets.online
URL: http://paynets.online/
Protocol
HTTP/1.1
Server
2a00:f940:2:2:1:1:0:112 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
c45562107b5d8f7161ed5eb4593b3da118cf5338400b86edd9f77f57b4814b89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://paynets.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 20:27:53 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8

jquery.maskedinput.min.js | snipp.ru/cdn/maskedinput/ | 4 KB | 2 KB | Script
General
Full URL
https://snipp.ru/cdn/maskedinput/jquery.maskedinput.min.js
Requested by
Host: paynets.online
URL: http://paynets.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.202 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.plotva.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://paynets.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 20:27:53 GMT
content-encoding
gzip
last-modified
Tue, 29 Sep 2020 19:41:53 GMT
server
nginx-reuseport/1.21.1
etag
W/"5f738e01-10e4"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604800
expires
Sun, 20 Mar 2022 20:27:53 GMT

css | fonts.googleapis.com/ | 16 KB | 1 KB | Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap
Requested by
Host: paynets.online
URL: http://paynets.online/main1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
54576498d5d389761af7c4250534c39ed4e43a2954d1767d6232942b26244d80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://paynets.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Mar 2022 20:21:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 13 Mar 2022 20:27:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Mar 2022 20:27:53 GMT

6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 | fonts.gstatic.com/s/sourcesanspro/v19/ | 13 KB | 13 KB | Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v19/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://paynets.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 18:02:06 GMT
x-content-type-options
nosniff
age
354347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 17:39:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Mar 2023 18:02:06 GMT

HI_SiYsKILxRpg3hIP6sJ7fM7PqlOevWjMY.woff2 | fonts.gstatic.com/s/sourcecodepro/v20/ | 13 KB | 13 KB | Font
General
Full URL
https://fonts.gstatic.com/s/sourcecodepro/v20/HI_SiYsKILxRpg3hIP6sJ7fM7PqlOevWjMY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
175ef860729a6f3aa7c0a7954152bddbed5446affa2fe2931be79ffed5e20f87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://paynets.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 01:07:06 GMT
x-content-type-options
nosniff
age
415247
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13116
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Mar 2023 01:07:06 GMT

HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 | fonts.gstatic.com/s/sourcecodepro/v20/ | 19 KB | 19 KB | Font
General
Full URL
https://fonts.gstatic.com/s/sourcecodepro/v20/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acce91c82cedc2cb341fba4bf9aae3096820fa28dc67b4cce8a86a575b11ef7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://paynets.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 16:00:00 GMT
x-content-type-options
nosniff
age
534473
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19664
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:13:12 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 07 Mar 2023 16:00:00 GMT

6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2 | fonts.gstatic.com/s/sourcesanspro/v19/ | 7 KB | 7 KB | Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v19/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77bded4f6447cc93370a65d50e1b1811e81e032aefd45d0acc952ceec49260c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://paynets.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 18:14:47 GMT
x-content-type-options
nosniff
age
353586
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7360
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 17:37:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Mar 2023 18:14:47 GMT

6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 | fonts.gstatic.com/s/sourcesanspro/v19/ | 13 KB | 13 KB | Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v19/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://paynets.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 18:07:46 GMT
x-content-type-options
nosniff
age
354007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12924
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 17:39:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Mar 2023 18:07:46 GMT

18.jpeg | raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/ | 105 KB | 105 KB | Image
General
Full URL
https://raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/18.jpeg
Requested by
Host: paynets.online
URL: http://paynets.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f1b3ed185ee5751bd0d272e5ab63df08a80d4bf96c0eb102aa342046970d7261
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://paynets.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-fastly-request-id
e2b5f6ce3e6116effb535249dde0bd1f49de9c09
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
via
1.1 varnish
x-content-type-options
nosniff
x-cache
HIT
x-cache-hits
1
vary
Authorization,Accept-Encoding,Origin
content-length
107088
x-xss-protection
1; mode=block
x-served-by
cache-hhn4075-HHN
x-github-request-id
2D98:5946:D19F54:E5AFA1:622D8A7C
x-timer
S1647203273.382486,VS0,VE1
x-frame-options
deny
date
Sun, 13 Mar 2022 20:27:53 GMT
source-age
218
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
etag
W/"0a7952b101201ab4fe2af2d90c96cdc1577512a5ad551177d39e49e3cde5de84"
accept-ranges
bytes
expires
Sun, 13 Mar 2022 20:32:53 GMT

visa.png | raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/ | 6 KB | 6 KB | Image
General
Full URL
https://raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/visa.png
Requested by
Host: paynets.online
URL: http://paynets.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1a9548347c9b338b3168bc5eb94c8206490a3462efc3c674632e9e9236785d54
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://paynets.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-fastly-request-id
c4c41f45dde643a88ea9e62d90000f9cbfb66acf
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
via
1.1 varnish
x-content-type-options
nosniff
x-cache
HIT
x-cache-hits
4
vary
Authorization,Accept-Encoding,Origin
content-length
5927
x-xss-protection
1; mode=block
x-served-by
cache-hhn4075-HHN
x-github-request-id
72A0:F04C:287A04:2B2CD4:6216D476
x-timer
S1647203273.382591,VS0,VE0
x-frame-options
deny
date
Sun, 13 Mar 2022 20:27:53 GMT
source-age
116
strict-transport-security
max-age=31536000
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
etag
W/"a85601928a11d6b5e6b530a1393acefc80f47d2fe589cadd27da82060323bd15"
accept-ranges
bytes
expires
Sun, 13 Mar 2022 20:32:53 GMT

6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2 | fonts.gstatic.com/s/sourcesanspro/v19/ | 7 KB | 7 KB | Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v19/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
0acd59e18ef9ca4f55b04271a6121d58e6f7044ea91395054dd52d5caf2a7a55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://paynets.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 18:14:47 GMT
x-content-type-options
nosniff
age
353586
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7448
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 17:39:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Mar 2023 18:14:47 GMT
client.js
widget.replain.cc/dist/
3 KB
4 KB
Script
General
Full URL
https://widget.replain.cc/dist/client.js
Requested by
Host: paynets.online
URL: http://paynets.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254, Frankfurt am Main, Germany, ASN199524 (GCORE, LU)
Reverse DNS
Software
nginx /
Resource Hash
d79fdefbca7dc806c2990943cb14baa8ab5fe1eafa7e8c1fb0660e0fbbf09011

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://paynets.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Sun, 13 Mar 2022 20:27:53 GMT
last-modified
Fri, 11 Mar 2022 06:20:04 GMT
server
nginx
etag
"622aea14-d84"
x-cached-since
2022-03-13T20:13:31+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
cache
HIT
accept-ranges
bytes
content-length
3460
expires
Fri, 11 Mar 2022 08:19:15 GMT
app.f69517de.css
widget.replain.cc/dist/css/ Frame E965
45 KB
10 KB
Stylesheet
General
Full URL
https://widget.replain.cc/dist/css/app.f69517de.css
Requested by
Host: widget.replain.cc
URL: https://widget.replain.cc/dist/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254, Frankfurt am Main, Germany, ASN199524 (GCORE, LU)
Reverse DNS
Software
nginx /
Resource Hash
1fbc6888ee9ff61b0f975998ef371db04257c5822e90c6f0b3a53988240e14b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://paynets.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Mar 2022 20:27:53 GMT
content-encoding
gzip
last-modified
Wed, 09 Mar 2022 04:23:52 GMT
server
nginx
etag
W/"62282bd8-b3f5"
x-cached-since
2022-03-09T04:39:16+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cache
HIT
x-id
fr5-up-gc28
expires
Thu, 09 Mar 2023 04:43:21 GMT
app.95c7cd65.js
widget.replain.cc/dist/js/ Frame E965
333 KB
122 KB
Script
General
Full URL
https://widget.replain.cc/dist/js/app.95c7cd65.js
Requested by
Host: widget.replain.cc
URL: https://widget.replain.cc/dist/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254, Frankfurt am Main, Germany, ASN199524 (GCORE, LU)
Reverse DNS
Software
nginx /
Resource Hash
9f2fe64a9e8740652b95125ec26f5761480cf2817284bd8d00d884611e05a58b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://paynets.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Mar 2022 20:27:53 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 06:19:31 GMT
server
nginx
etag
W/"622ae9f3-534c1"
x-cached-since
2022-03-11T06:22:14+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cache
HIT
x-id
fr5-up-gc28
expires
Sat, 11 Mar 2023 06:26:23 GMT
auth
app.replain.cc/ Frame
0
0
Preflight
General
Full URL
https://app.replain.cc/auth
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.8.220, Russian Federation, ASN197695 (AS-REG, RU)
Reverse DNS
chat.cetis.ru
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://paynets.online
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Sun, 13 Mar 2022 20:32:06 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
X-DNS-Prefetch-Control
off
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
X-Content-Type-Options
nosniff nosniff
X-XSS-Protection
1; mode=block 1; mode=block
Vary
Accept-Encoding
Access-Control-Allow-Origin
http://paynets.online
Access-Control-Allow-Headers
Authorization, Content-Type
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Access-Control-Allow-Credentials
true
Allow
POST
auth
app.replain.cc/ Frame E965
320 B
953 B
XHR
General
Full URL
https://app.replain.cc/auth
Requested by
Host: widget.replain.cc
URL: https://widget.replain.cc/dist/js/app.95c7cd65.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.8.220, Russian Federation, ASN197695 (AS-REG, RU)
Reverse DNS
chat.cetis.ru
Software
nginx /
Resource Hash
7589770827195e3e1605fe94afa08f78da1c45811e655783ac0b4bc86ab25e1a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
http://paynets.online/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 13 Mar 2022 20:32:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-DNS-Prefetch-Control
off
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block, 1; mode=block
Server
nginx
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization, Content-Type
notification.ac905963.mp3
widget.replain.cc/dist/media/ Frame E965
24 KB
24 KB
Media
General
Full URL
https://widget.replain.cc/dist/media/notification.ac905963.mp3
Requested by
Host: paynets.online
URL: http://paynets.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254, Frankfurt am Main, Germany, ASN199524 (GCORE, LU)
Reverse DNS
Software
nginx /
Resource Hash
d29d3345cf4f562771b5b807bc898e977d32a63e49bb4b084dc86acae4597c1e

Request headers

Referer
http://paynets.online/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

pragma
public
date
Sun, 13 Mar 2022 20:27:53 GMT
last-modified
Wed, 09 Feb 2022 07:38:45 GMT
server
nginx
access-control-allow-origin
*
etag
"62036f85-6053"
x-cached-since
2022-02-09T08:02:29+00:00
content-type
audio/mpeg
Content-Range
bytes 0-24658/24659
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cache
HIT
x-id
fr5-up-gc28
Content-Length
24659
expires
Thu, 09 Feb 2023 08:05:48 GMT
lang-ru-json.b52c2d1a.js
widget.replain.cc/dist/js/ Frame E965
4 KB
2 KB
Script
General
Full URL
https://widget.replain.cc/dist/js/lang-ru-json.b52c2d1a.js
Requested by
Host: widget.replain.cc
URL: https://widget.replain.cc/dist/js/app.95c7cd65.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254, Frankfurt am Main, Germany, ASN199524 (GCORE, LU)
Reverse DNS
Software
nginx /
Resource Hash
a775026091fa6c419284438f675f964453004bbb92cbe6df41be6c245c9a314b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://paynets.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Mar 2022 20:27:54 GMT
content-encoding
gzip
last-modified
Wed, 09 Mar 2022 04:23:52 GMT
server
nginx
etag
W/"62282bd8-1182"
x-cached-since
2022-03-09T04:41:16+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cache
HIT
x-id
fr5-up-gc28
expires
Thu, 09 Mar 2023 04:45:21 GMT
logo-default.png
app.replain.cc/ Frame E965
20 KB
20 KB
Image
General
Full URL
https://app.replain.cc/logo-default.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.8.220, Russian Federation, ASN197695 (AS-REG, RU)
Reverse DNS
chat.cetis.ru
Software
nginx /
Resource Hash
4e873726d9fb941ec46569ec0a685950f9f954e5c9c00389142d8c35a9584ebe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://paynets.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 13 Mar 2022 20:32:07 GMT
Last-Modified
Fri, 11 Mar 2022 06:01:22 GMT
Server
nginx
ETag
"622ae5b2-4fd9"
Content-Type
image/png
Cache-Control
max-age=31536000, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20441
Expires
Mon, 13 Mar 2023 20:32:07 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Visa (Financial)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Name (type)
0 (object)
structuredClone (function)
oncontextlost (object)
oncontextrestored (object)
Vue (function)
VueTheMask (object)
$ (function)
jQuery (function)
bootstrap (object)
_0x2a31 (object)
_0x526a (function)
_0x541884 (function)
_0x46429b (function)
_0x52ab34 (function)
_0x37ad72 (function)
_0x2d9238 (function)
_0x3067b0 (function)
civchat (object)
replainSettings (object)
replainInitialized (boolean)
ReplainWidget (object)
ReplainAPI (function)

1 Cookies

Domain/Path: paynets.online/
Name: site
Value: paynets.online

5 Console Messages

Source / Level / URL / Message

rendering, warning, URL: http://paynets.online/ (Line 160)
Message: The specified value "%expm%" cannot be parsed, or is out of range.

rendering, warning, URL: http://paynets.online/ (Line 163)
Message: The specified value "%expy%" cannot be parsed, or is out of range.

rendering, warning, URL: https://cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js (Line 5)
Message: The specified value "%expm%" cannot be parsed, or is out of range.

rendering, warning, URL: https://cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js (Line 5)
Message: The specified value "%expy%" cannot be parsed, or is out of range.

network, error, URL: http://paynets.online/assets/img/wait.gif
Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
