security.hs-confirm-payments.com
198.54.116.183  Malicious Activity!

Submitted URL: http://security.hs-confirm-payments.com/reg
Effective URL: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9...
Submission: On February 18 via automatic, source openphish

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 38 HTTP transactions. The main IP is 198.54.116.183, located in United States and belongs to NAMECHEAP-NET, US. The main domain is security.hs-confirm-payments.com.
This is the only time security.hs-confirm-payments.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: HSBC (Banking)

Domain & IP information

IP Address AS Autonomous System
1 39 198.54.116.183 22612 (NAMECHEAP...)
38 1
Domain
Subdomains
Transfer
39 hs-confirm-payments.com
security.hs-confirm-payments.com
183 KB
38 1
Domain Requested by
39 security.hs-confirm-payments.com 1 redirects security.hs-confirm-payments.com
38 1

This site contains no links.

This page contains 1 frames:

Primary Page: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Frame ID: 198DC4888E01FA49CC32A8193C0DA068
Requests: 38 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 38
HTTPS: 0 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 182 kB
Size: 341 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://security.hs-confirm-payments.com/reg HTTP 301
    http://security.hs-confirm-payments.com/reg/ Page URL
  2. http://security.hs-confirm-payments.com/ Page URL
  3. http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://security.hs-confirm-payments.com/reg HTTP 301
  • http://security.hs-confirm-payments.com/reg/

38 HTTP transactions

Resource / Path, Size, x-fer, Type / MIME-Type
/
security.hs-confirm-payments.com/reg/
Redirect Chain
  • http://security.hs-confirm-payments.com/reg
  • http://security.hs-confirm-payments.com/reg/
49 B
448 B
Document
General
Full URL
http://security.hs-confirm-payments.com/reg/
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
security.hs-confirm-payments.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

date
Thu, 18 Feb 2021 13:07:07 GMT
server
Apache
last-modified
Tue, 06 Feb 2018 02:06:12 GMT
accept-ranges
bytes
content-length
49
content-type
text/html
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade

Redirect headers

date
Thu, 18 Feb 2021 13:07:07 GMT
server
Apache
location
http://security.hs-confirm-payments.com/reg/
content-length
252
content-type
text/html; charset=iso-8859-1
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
/
security.hs-confirm-payments.com/
260 B
836 B
Document
General
Full URL
http://security.hs-confirm-payments.com/
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache / PHP/7.2.34
Resource Hash
cc97247a0aa361d95004325077f9cef96cf84cce154a28713f5b58be08c15038
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
security.hs-confirm-payments.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://security.hs-confirm-payments.com/reg/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

date
Thu, 18 Feb 2021 13:07:07 GMT
server
Apache
x-powered-by
PHP/7.2.34
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=22aaa274d54d86d54bcf4176b42ae2db; path=/
vary
Accept-Encoding
content-encoding
gzip
content-length
242
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
Primary Request idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
security.hs-confirm-payments.com/
23 KB
6 KB
Document
General
Full URL
http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache / PHP/7.2.34
Resource Hash
5fd2a4698ee1ad6fa3fd982b043386752a538051cc339f5834d67c94f2755172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
security.hs-confirm-payments.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://security.hs-confirm-payments.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
PHPSESSID=22aaa274d54d86d54bcf4176b42ae2db

Response headers

date
Thu, 18 Feb 2021 13:07:08 GMT
server
Apache
x-powered-by
PHP/7.2.34
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
content-encoding
gzip
content-length
5931
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
box.css?jzjIhxUXWlHwCNPCmnzdymjKzLhmqCqKbbngOoBDPJvPNNOlY
security.hs-confirm-payments.com/reg/
5 KB
2 KB
Stylesheet
General
Full URL
http://security.hs-confirm-payments.com/reg/box.css?jzjIhxUXWlHwCNPCmnzdymjKzLhmqCqKbbngOoBDPJvPNNOlY
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
87834b5fddf6d9e66bd6e941e55c691e916f8af5017e31725cb74b4f9cea7293
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:08 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:32:04 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
1230
x-content-type-options
nosniff
button.css
security.hs-confirm-payments.com/reg/
13 KB
3 KB
Stylesheet
General
Full URL
http://security.hs-confirm-payments.com/reg/button.css
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
54efb4fe5b099a0714573387b647770899a87645bfbe9e967dc7907f60adcf86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:08 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:31:52 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
2165
x-content-type-options
nosniff
core.css?siDKJzQNaPylreagiccsHzGK
security.hs-confirm-payments.com/reg/
87 KB
16 KB
Stylesheet
General
Full URL
http://security.hs-confirm-payments.com/reg/core.css?siDKJzQNaPylreagiccsHzGK
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
99075a67945cb27fc4c8ee7c4fd88a1e94abb365d58f498e1b6e260dbda7b32d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:08 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:31:24 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
15527
x-content-type-options
nosniff
footer.css?jTJLOjxoTjCcAZQTovSnKNrpZ
security.hs-confirm-payments.com/reg/
5 KB
2 KB
Stylesheet
General
Full URL
http://security.hs-confirm-payments.com/reg/footer.css?jTJLOjxoTjCcAZQTovSnKNrpZ
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
56ce1dd7a8c20be3e3b068674a657dbd7a5e7b148e309f9c6dd97414557c164e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:08 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:06:46 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
1317
x-content-type-options
nosniff
table.css?lZmhNUltQAauQqJAYURxkaRXGOYZxVuh
security.hs-confirm-payments.com/reg/
15 KB
4 KB
Stylesheet
General
Full URL
http://security.hs-confirm-payments.com/reg/table.css?lZmhNUltQAauQqJAYURxkaRXGOYZxVuh
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
bfb4546fa032661e8e25f4f7b7f0bd93480e8da04e28a04312e7fca9c101cc32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:08 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:33:02 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
3563
x-content-type-options
nosniff
light.css?DGbBFyjOdJYzzXamzRGYMnWuQNUuPcRUKAaQbckDHlYWzgKxbkR
security.hs-confirm-payments.com/reg/
6 KB
2 KB
Stylesheet
General
Full URL
http://security.hs-confirm-payments.com/reg/light.css?DGbBFyjOdJYzzXamzRGYMnWuQNUuPcRUKAaQbckDHlYWzgKxbkR
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
c28f1a4da711ec4a0c98785338de759ec9697bcec619c2f6b20912461d5c3c7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:08 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:06:46 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
1595
x-content-type-options
nosniff
head.css?ZRggqjEbilacDIPbmVOSGhPfSuJVULvcrfruOnCafKJACfBeTx
security.hs-confirm-payments.com/reg/
20 KB
4 KB
Stylesheet
General
Full URL
http://security.hs-confirm-payments.com/reg/head.css?ZRggqjEbilacDIPbmVOSGhPfSuJVULvcrfruOnCafKJACfBeTx
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
55c530c67f702c447ce8d8f0f0da6ceb4332804cf252a613f337f37dfd8c93ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:09 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:06:52 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
3724
x-content-type-options
nosniff
reset.css
security.hs-confirm-payments.com/reg/
1 KB
1 KB
Stylesheet
General
Full URL
http://security.hs-confirm-payments.com/reg/reset.css
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
dd784e0d9635e2bc7fb87b708ccafce38b4c30a98ae6681162a10ed3ad5c106d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:09 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:06:44 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
633
x-content-type-options
nosniff
detail.css
security.hs-confirm-payments.com/reg/
6 KB
2 KB
Stylesheet
General
Full URL
http://security.hs-confirm-payments.com/reg/detail.css
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
02e9e8bd579c6b34b9c29d6e5afe5aee89018462577d428b03261c3c80049a36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:09 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:06:52 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
1421
x-content-type-options
nosniff
common.css?QzyxYSqyXXQytVOkmQfWzDAeRxnTnxlgVjouYcXXQlZTGg
security.hs-confirm-payments.com/reg/
12 KB
3 KB
Stylesheet
General
Full URL
http://security.hs-confirm-payments.com/reg/common.css?QzyxYSqyXXQytVOkmQfWzDAeRxnTnxlgVjouYcXXQlZTGg
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
cfc39741d80b0ff2bf2b6eee10c7d5fbc4b703f42c291aba0dab86da0e9f3793
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:09 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:06:52 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
2850
x-content-type-options
nosniff
extra.css?vqNjnxsqQZawBUnnroJEnKXXaDZVSUxeLQTy
security.hs-confirm-payments.com/reg/
24 KB
5 KB
Stylesheet
General
Full URL
http://security.hs-confirm-payments.com/reg/extra.css?vqNjnxsqQZawBUnnroJEnKXXaDZVSUxeLQTy
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
08b54b8d78a5ce8b580cf388190f11a8a80d90366efa7a908fd2b9b34559869c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:09 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:22:42 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
4837
x-content-type-options
nosniff
hsbc-logo.gif
security.hs-confirm-payments.com/reg/
5 KB
5 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/hsbc-logo.gif
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
33ce282f6f4df66becb2d6546f9d76d665b014845c6e8fd49dba4a77c10916c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:09 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:07:32 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/gif
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
4881
x-content-type-options
nosniff
btn_register_now.jpg
security.hs-confirm-payments.com/reg/
5 KB
6 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/btn_register_now.jpg
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
46a9e82a911fd5e8385cea0197645f37e262e8ba7854708d648459083a44bfb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:09 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:07:32 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
5283
x-content-type-options
nosniff
protecting-your-money.jpg
security.hs-confirm-payments.com/reg/
12 KB
12 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/protecting-your-money.jpg
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
9f6a9bb8a898931b3aa22c498b2a49f48d0b8c109b733fad5fc8cabce2cc2889
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:09 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:07:32 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
12270
x-content-type-options
nosniff
how-to-stay-safe-online.jpg
security.hs-confirm-payments.com/reg/
5 KB
6 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/how-to-stay-safe-online.jpg
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
3d672d8999a8795c84eedcd7d37ea43cc1c756903818147f528f3999a9730e02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:11 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:07:32 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
5617
x-content-type-options
nosniff
app-store.jpg
security.hs-confirm-payments.com/reg/
5 KB
5 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/app-store.jpg
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
3edb06ffd464e78faa7494ea5b1101e0efbbc7c8729614552d4728bd59d0707f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:11 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:07:32 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
5218
x-content-type-options
nosniff
google-play-logo.png
security.hs-confirm-payments.com/reg/
8 KB
9 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/google-play-logo.png
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
1e6d8f6b9c32e5928bf8b61f54c36b7e373d5798ee9a9f022bddc11b5984df3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:11 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:07:32 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
8516
x-content-type-options
nosniff
20109-PWS-SAAS-login-scam-300x255.jpg
security.hs-confirm-payments.com/reg/
23 KB
23 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/20109-PWS-SAAS-login-scam-300x255.jpg
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
82d6e2516a0df2c3879c098c2e1c319c0ce7b9743ce6ee878ab6b4f209569883
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:11 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:07:32 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
23435
x-content-type-options
nosniff
D650-login-seckey-300x255.jpg
security.hs-confirm-payments.com/reg/
23 KB
24 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/D650-login-seckey-300x255.jpg
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
5bd813166f92ddba59339ec95dd77bec711f582efa04de122b5e3050bc859bd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:10 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:07:32 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
23947
x-content-type-options
nosniff
D650-login-cc-300x255.jpg
security.hs-confirm-payments.com/reg/
17 KB
17 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/D650-login-cc-300x255.jpg
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
a45ea7f4b552e28f3e0dfcf00c9bd77b52984748fed3dd17dac2b428f9a561c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/idv.Log.php?ud=dashbrd&idv.cmd=LOGIN&accessU=d09bf41544a3365a46c9077ebb5e35c3&ID=Z8HXCDBGZWCEPJ9XO31LX7X6FKXEGRVP4ORZKW2KBDMBTIDB7DDO3B805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:10 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:07:32 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
17295
x-content-type-options
nosniff
top.gif
security.hs-confirm-payments.com/reg/
54 B
453 B
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/top.gif
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/reg/core.css?siDKJzQNaPylreagiccsHzGK
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
bf266f02007642c1b71807c6b399ee1268d8a5a36b8d03162bce1fa222942c98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/reg/core.css?siDKJzQNaPylreagiccsHzGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:09 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:06:44 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/gif
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
54
x-content-type-options
nosniff
bg_arrow.gif
security.hs-confirm-payments.com/reg/
2 KB
2 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/bg_arrow.gif
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/reg/head.css?ZRggqjEbilacDIPbmVOSGhPfSuJVULvcrfruOnCafKJACfBeTx
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
f849d3b842a1c5d9b3f0bf529e62cfb46d20fe26544597a21e91b0ada28cb779
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/reg/head.css?ZRggqjEbilacDIPbmVOSGhPfSuJVULvcrfruOnCafKJACfBeTx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:10 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:06:44 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/gif
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
1885
x-content-type-options
nosniff
bg_gradient.gif
security.hs-confirm-payments.com/reg/
1 KB
2 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/bg_gradient.gif
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/reg/head.css?ZRggqjEbilacDIPbmVOSGhPfSuJVULvcrfruOnCafKJACfBeTx
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
a4252e53f67c397b5978d17a5b276376d8581f17d741bc1994efe6ec930307ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/reg/head.css?ZRggqjEbilacDIPbmVOSGhPfSuJVULvcrfruOnCafKJACfBeTx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:09 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:06:44 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/gif
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
1269
x-content-type-options
nosniff
locale.gif
security.hs-confirm-payments.com/reg/
1 KB
2 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/locale.gif
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/reg/head.css?ZRggqjEbilacDIPbmVOSGhPfSuJVULvcrfruOnCafKJACfBeTx
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
c5bd889d63edff8886935feb6640592b5494b5cd9877494e60cb643c068e7144
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/reg/head.css?ZRggqjEbilacDIPbmVOSGhPfSuJVULvcrfruOnCafKJACfBeTx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:10 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:06:44 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/gif
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
1475
x-content-type-options
nosniff
uk.gif
security.hs-confirm-payments.com/reg/
2 KB
2 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/uk.gif
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/reg/head.css?ZRggqjEbilacDIPbmVOSGhPfSuJVULvcrfruOnCafKJACfBeTx
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
5361fc386b6367880608208f73170fb80556f0df029e18f5b0db20461d1cf14a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/reg/head.css?ZRggqjEbilacDIPbmVOSGhPfSuJVULvcrfruOnCafKJACfBeTx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:10 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:06:44 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/gif
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
2019
x-content-type-options
nosniff
section_divider.gif
security.hs-confirm-payments.com/reg/
1 KB
1 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/section_divider.gif
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/reg/head.css?ZRggqjEbilacDIPbmVOSGhPfSuJVULvcrfruOnCafKJACfBeTx
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
c242fecf52b24a49f80215433f75fcd149fe3cdf9e807437bbd38317f036b965
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/reg/head.css?ZRggqjEbilacDIPbmVOSGhPfSuJVULvcrfruOnCafKJACfBeTx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:09 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:06:44 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/gif
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
1111
x-content-type-options
nosniff
page-heading-gradient.png
security.hs-confirm-payments.com/reg/
942 B
1 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/page-heading-gradient.png
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/reg/core.css?siDKJzQNaPylreagiccsHzGK
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
b5a3dd3f96d3e983873762c6b69b7946be6b1627dff5eca7716ad8396bbab132
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/reg/core.css?siDKJzQNaPylreagiccsHzGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:10 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:06:44 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
942
x-content-type-options
nosniff
default-left.gif
security.hs-confirm-payments.com/reg/
1 KB
2 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/default-left.gif
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/reg/extra.css?vqNjnxsqQZawBUnnroJEnKXXaDZVSUxeLQTy
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
8a4a5bc7c1c81d7dfe382d0f1157298e7e439e13228d23d2a448f1c811015c8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/reg/extra.css?vqNjnxsqQZawBUnnroJEnKXXaDZVSUxeLQTy
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:09 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:06:44 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/gif
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
1410
x-content-type-options
nosniff
default.gif
security.hs-confirm-payments.com/reg/
3 KB
3 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/default.gif
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/reg/extra.css?vqNjnxsqQZawBUnnroJEnKXXaDZVSUxeLQTy
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
f2d04f19fe518e0201f68d3a0b0e6979c06848a95d84f3f07c32b000fc621367
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/reg/extra.css?vqNjnxsqQZawBUnnroJEnKXXaDZVSUxeLQTy
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:10 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:06:44 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/gif
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
2563
x-content-type-options
nosniff
customcheckbox.gif
security.hs-confirm-payments.com/reg/
679 B
1 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/customcheckbox.gif
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/reg/common.css?QzyxYSqyXXQytVOkmQfWzDAeRxnTnxlgVjouYcXXQlZTGg
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
1d1188cc0634d30847cbfd7424ee666df0f674acf1cff95f8e2421f800815880
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/reg/common.css?QzyxYSqyXXQytVOkmQfWzDAeRxnTnxlgVjouYcXXQlZTGg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:10 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:06:44 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/gif
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
679
x-content-type-options
nosniff
forward.gif
security.hs-confirm-payments.com/reg/
157 B
557 B
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/forward.gif
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/reg/core.css?siDKJzQNaPylreagiccsHzGK
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
0e470a24cfcdfa42487418070681845219a16cfedb62c5101514d96faf510c9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/reg/core.css?siDKJzQNaPylreagiccsHzGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:10 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:06:44 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/gif
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
157
x-content-type-options
nosniff
bg-bullet01.gif
security.hs-confirm-payments.com/reg/
839 B
1 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/bg-bullet01.gif
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/reg/core.css?siDKJzQNaPylreagiccsHzGK
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
55b396782fa592bfd31908e28c3293537bcf5cb22eaf5f4c255cf7ab0d364560
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/reg/core.css?siDKJzQNaPylreagiccsHzGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:10 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:06:44 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/gif
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
839
x-content-type-options
nosniff
contact.png
security.hs-confirm-payments.com/reg/
2 KB
2 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/contact.png
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/reg/footer.css?jTJLOjxoTjCcAZQTovSnKNrpZ
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
6197f7ae191cb4b28ec55b5cf74a92db66a1a8e43f76abe3863ab3c51cb7667b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/reg/footer.css?jTJLOjxoTjCcAZQTovSnKNrpZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:11 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:06:44 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
1627
x-content-type-options
nosniff
branch.png
security.hs-confirm-payments.com/reg/
2 KB
2 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/branch.png
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/reg/footer.css?jTJLOjxoTjCcAZQTovSnKNrpZ
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
82fa45a014c9faa9885c4338e07e44de3028b9c6982202490d0ee695e72da691
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/reg/footer.css?jTJLOjxoTjCcAZQTovSnKNrpZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:11 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:06:44 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
1828
x-content-type-options
nosniff
footer.gif
security.hs-confirm-payments.com/reg/
1 KB
1 KB
Image
General
Full URL
http://security.hs-confirm-payments.com/reg/footer.gif
Requested by
Host: security.hs-confirm-payments.com
URL: http://security.hs-confirm-payments.com/reg/footer.css?jTJLOjxoTjCcAZQTovSnKNrpZ
Protocol
HTTP/1.1
Server
198.54.116.183 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business34-5.web-hosting.com
Software
Apache /
Resource Hash
9db0d37a99592c40f146b9a8026e020d2c0b843bca0d7b0279ac8fa8fb13fd53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://security.hs-confirm-payments.com/reg/footer.css?jTJLOjxoTjCcAZQTovSnKNrpZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 13:07:11 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Mar 2020 09:06:44 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/gif
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
1125
x-content-type-options
nosniff

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: HSBC (Banking)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| trustedTypes
boolean| crossOriginIsolated
function| AaazMBdEXXPUW
function| chkit
function| ErmVM
function| rRzyRxlVmF

1 Cookies

Domain/Path Name / Value
security.hs-confirm-payments.com/ Name: PHPSESSID
Value: 22aaa274d54d86d54bcf4176b42ae2db

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

security.hs-confirm-payments.com
198.54.116.183