Submitted URL: https://email.click2pay.us/CL0/https://msnllc.com/click2pay-support//1/0100018414997fcc-3aaf2d21-37cf-47f8-812c-3fc6db954ae...
Effective URL: https://msnllc.com/click2pay-support/
Submission: On October 26 via api from CA — Scanned from US

Summary

This website contacted 5 IPs in 1 country across 5 domains to perform 16 HTTP transactions. The main IP is 35.206.114.149, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is msnllc.com.
TLS certificate: Issued by R3 on October 2nd 2022. Valid for: 3 months.
This is the only time msnllc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:251... 16509 (AMAZON-02)
11 35.206.114.149 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
16 5
Requests | Apex Domain | Subdomains | Transfer
11 | msnllc.com | msnllc.com | 477 KB
3 | gstatic.com | fonts.gstatic.com | 47 KB
1 | bootstrapcdn.com | maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 720 | 7 KB
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 44 | 2 KB
1 | click2pay.us | email.click2pay.us | 225 B
16 5
Domain Requested by
11 msnllc.com msnllc.com
3 fonts.gstatic.com fonts.googleapis.com
1 maxcdn.bootstrapcdn.com msnllc.com
1 fonts.googleapis.com msnllc.com
1 email.click2pay.us 1 redirects
16 5

This site contains no links.

Subject | Issuer | Validity | Valid
msnllc.com | R3 | 2022-10-02 - 2022-12-31 | 3 months crt.sh
upload.video.google.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-01-29 - 2023-01-29 | a year crt.sh
*.gstatic.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months crt.sh

This page contains 1 frames:

Primary Page: https://msnllc.com/click2pay-support/
Frame ID: A0E39A5741F32D2253D7D374315F792E
Requests: 18 HTTP requests in this frame

Page Title

Click2Pay Support - MSN Healthcare Solutions

Page URL History

  1. https://email.click2pay.us/CL0/https://msnllc.com/click2pay-support//1/0100018414997fcc-3aaf2d21-37cf-4... HTTP 302
    https://msnllc.com/click2pay-support/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

1
Countries

534 kB
Transfer

2836 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://email.click2pay.us/CL0/https://msnllc.com/click2pay-support//1/0100018414997fcc-3aaf2d21-37cf-47f8-812c-3fc6db954ae9-000000/aA1LQnLEq97pjooMGKBT4bWEVokc1q7rpXHansfm1F4=272 HTTP 302
    https://msnllc.com/click2pay-support/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
msnllc.com/click2pay-support/
Redirect Chain
  • https://email.click2pay.us/CL0/https://msnllc.com/click2pay-support//1/0100018414997fcc-3aaf2d21-37cf-47f8-812c-3fc6db954ae9-000000/aA1LQnLEq97pjooMGKBT4bWEVokc1q7rpXHansfm1F4=272
  • https://msnllc.com/click2pay-support/
108 KB
19 KB
Document
General
Full URL
https://msnllc.com/click2pay-support/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.206.114.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.114.206.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f23af58d5b0c26a0eb48a2b70904123c3ae5b8390eb5f682ff57472d352a8b13

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 14:36:31 GMT
expires
Wed, 26 Oct 2022 14:36:31 GMT
host-header
6b7412fb82ca5edfd0917e3957f05d89
last-modified
Wed, 26 Oct 2022 09:02:44 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
x-httpd-modphp
1
x-proxy-cache
MISS
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_MAX_AGE_ZERO

Redirect headers

content-length
0
date
Wed, 26 Oct 2022 14:36:30 GMT
location
https://msnllc.com/click2pay-support/
via
1.1 1abf103face183cd8172f37e6ac30038.cloudfront.net (CloudFront)
x-amz-cf-id
lojRjCfuiYPNTPChayrKgsJlGi0NGFN1YWhC84a3_WG8vFN7atFs4g==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
siteground-optimizer-combined-css-19dd793023ac0ca8006f9d3ba18a62e8.css
msnllc.com/wp-content/uploads/siteground-optimizer-assets/
2 MB
169 KB
Stylesheet
General
Full URL
https://msnllc.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-19dd793023ac0ca8006f9d3ba18a62e8.css
Requested by
Host: msnllc.com
URL: https://msnllc.com/click2pay-support/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.206.114.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.114.206.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6ce42e623d40f2cad1eaba26c9c34f18663fa48c8b8760fdf5ade1584b2f1f0f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://msnllc.com/click2pay-support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 14:36:31 GMT
content-encoding
br
last-modified
Sat, 22 Oct 2022 14:03:50 GMT
server
nginx
etag
W/"6353f846-192d61"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Thu, 26 Oct 2023 14:36:31 GMT
css
fonts.googleapis.com/
45 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Requested by
Host: msnllc.com
URL: https://msnllc.com/click2pay-support/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
be80295e798d79f9dcd290ca8d913e9ce309b2ef0558549694244ee006933943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://msnllc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 26 Oct 2022 14:36:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 12:51:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Oct 2022 14:36:31 GMT
cff-style.min.css
msnllc.com/wp-content/plugins/custom-facebook-feed/assets/css/
17 KB
3 KB
Stylesheet
General
Full URL
https://msnllc.com/wp-content/plugins/custom-facebook-feed/assets/css/cff-style.min.css
Requested by
Host: msnllc.com
URL: https://msnllc.com/click2pay-support/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.206.114.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.114.206.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
321412f90dbd945fd109249ded4b28c181d0c525689c6528adc2cde73f1723f0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://msnllc.com/click2pay-support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 14:36:31 GMT
content-encoding
br
last-modified
Wed, 10 Aug 2022 00:17:03 GMT
server
nginx
etag
W/"62f2f8ff-4457"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Thu, 26 Oct 2023 14:36:31 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=6.0.3
Requested by
Host: msnllc.com
URL: https://msnllc.com/click2pay-support/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://msnllc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 14:36:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
871
age
747963
cdn-cachedat
07/07/2022 17:49:34
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
55bc32cdb2974b2542596234dd7e5ab4
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7603ecbb6b948c96-EWR
cdn-requestpullsuccess
True
jquery.min.js
msnllc.com/wp-includes/js/jquery/
87 KB
30 KB
Script
General
Full URL
https://msnllc.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: msnllc.com
URL: https://msnllc.com/click2pay-support/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.206.114.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.114.206.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://msnllc.com/click2pay-support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 14:36:31 GMT
content-encoding
br
last-modified
Wed, 24 Nov 2021 03:27:20 GMT
server
nginx
etag
W/"619db118-15db1"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Thu, 26 Oct 2023 14:36:31 GMT
woocommerce-smallscreen.min.css
msnllc.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/
6 KB
1 KB
Stylesheet
General
Full URL
https://msnllc.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css
Requested by
Host: msnllc.com
URL: https://msnllc.com/click2pay-support/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.206.114.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.114.206.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
78051700ee728c2bf346405d84b9af78d8160542cfd1d2971f6eb749dedbbf74

Request headers

accept-language
en-US,en;q=0.9
Referer
https://msnllc.com/click2pay-support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 14:36:31 GMT
content-encoding
br
last-modified
Mon, 01 Aug 2022 02:13:14 GMT
server
nginx
etag
W/"62e736ba-1768"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Thu, 26 Oct 2023 14:36:31 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
wp-polyfill.min.js
msnllc.com/wp-includes/js/dist/vendor/
19 KB
7 KB
Script
General
Full URL
https://msnllc.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by
Host: msnllc.com
URL: https://msnllc.com/click2pay-support/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.206.114.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.114.206.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://msnllc.com/click2pay-support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 14:36:31 GMT
content-encoding
br
last-modified
Thu, 26 May 2022 05:25:46 GMT
server
nginx
etag
W/"628f0f5a-4ac6"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Thu, 26 Oct 2023 14:36:31 GMT
hooks.min.js
msnllc.com/wp-includes/js/dist/
5 KB
2 KB
Script
General
Full URL
https://msnllc.com/wp-includes/js/dist/hooks.min.js
Requested by
Host: msnllc.com
URL: https://msnllc.com/click2pay-support/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.206.114.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.114.206.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language
en-US,en;q=0.9
Referer
https://msnllc.com/click2pay-support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 14:36:31 GMT
content-encoding
br
last-modified
Thu, 26 May 2022 05:25:46 GMT
server
nginx
etag
W/"628f0f5a-132e"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Thu, 26 Oct 2023 14:36:31 GMT
i18n.min.js
msnllc.com/wp-includes/js/dist/
10 KB
4 KB
Script
General
Full URL
https://msnllc.com/wp-includes/js/dist/i18n.min.js
Requested by
Host: msnllc.com
URL: https://msnllc.com/click2pay-support/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.206.114.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.114.206.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://msnllc.com/click2pay-support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 14:36:31 GMT
content-encoding
br
last-modified
Thu, 26 May 2022 05:25:46 GMT
server
nginx
etag
W/"628f0f5a-27ee"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Thu, 26 Oct 2023 14:36:31 GMT
siteground-optimizer-combined-js-cd2a87663677fb096ec30052010edf77.js
msnllc.com/wp-content/uploads/siteground-optimizer-assets/
830 KB
222 KB
Script
General
Full URL
https://msnllc.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-cd2a87663677fb096ec30052010edf77.js
Requested by
Host: msnllc.com
URL: https://msnllc.com/click2pay-support/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.206.114.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.114.206.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a1e95a5ad4e8604ee3955f7d2f2c04c6822044d64fb136737e160bbf71fee36a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://msnllc.com/click2pay-support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 14:36:31 GMT
content-encoding
br
last-modified
Fri, 21 Oct 2022 16:38:15 GMT
server
nginx
etag
W/"6352caf7-cf83e"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Thu, 26 Oct 2023 14:36:31 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://msnllc.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 10:24:38 GMT
x-content-type-options
nosniff
age
447114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 10:24:38 GMT
truncated
/
266 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://msnllc.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 19:32:04 GMT
x-content-type-options
nosniff
age
587068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:32:04 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://msnllc.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 21:04:41 GMT
x-content-type-options
nosniff
age
63111
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 21:04:41 GMT
click2pay.png
msnllc.com/wp-content/uploads/2021/05/
19 KB
19 KB
Image
General
Full URL
https://msnllc.com/wp-content/uploads/2021/05/click2pay.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.206.114.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.114.206.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c757e4cd48b1e4a5ce94bc3e9cf83ecb91b9f4eb9c60d4dfdac402c8e3468a50

Request headers

accept-language
en-US,en;q=0.9
Referer
https://msnllc.com/click2pay-support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 14:36:32 GMT
last-modified
Wed, 24 Nov 2021 02:59:25 GMT
server
nginx
etag
"619daa8d-4c2f"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
19503
expires
Thu, 26 Oct 2023 14:36:32 GMT
/
msnllc.com/
896 B
656 B
XHR
General
Full URL
https://msnllc.com/?wc-ajax=get_refreshed_fragments&elementor_page_id=8259
Requested by
Host: msnllc.com
URL: https://msnllc.com/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.206.114.149 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.114.206.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d5788a4eb07df388a8bc848b0dc752d91f5fc66f178f097978cc48116818555f

Request headers

Accept
*/*
Referer
https://msnllc.com/click2pay-support/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 26 Oct 2022 14:36:32 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding, Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/json; charset=UTF-8
cache-control
max-age=0
x-httpd-modphp
1
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Wed, 26 Oct 2022 14:36:32 GMT

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| astra object| eadPublic object| alg_wc_pop_data_object object| wc_add_to_cart_params object| woocommerce_params object| wc_cart_fragments_params object| quformL10n object| cffOptions function| setImmediate function| clearImmediate object| wp function| sprintf function| vsprintf object| ElementorProFrontendConfig object| elementorFrontendConfig undefined| $ function| jQuery undefined| href function| a string| cffajaxurl string| cfflinkhashtags string| sbiajaxurl function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent boolean| cff_js_exists object| runtime undefined| cffAddMasonry function| cff_init function| checkConsent function| cffCmplzGetCookie function| addFullFeatures function| afterConsentToggled function| cffGetFeedLocatorDataArray function| locationGuess object| ___FONT_AWESOME___ object| fontawesome-free-shims function| AstraToggleSubMenu function| AstraNavigationMenu function| AstraToggleMenu function| AstraToggleSetup function| astraNavMenuToggle object| PDFObject object| lazySizes function| Cookies object| kendo function| Quform function| flatpickr object| webpackChunkelementor_pro object| webpackChunkelementor object| elementorModules object| regeneratorRuntime object| elementorProFrontend function| Waypoint function| Swiper function| ShareLink object| DialogsManager object| elementorFrontend function| Sticky

1 Cookies

Domain/Path Name / Value
msnllc.com/ Name: quform_session_0ee73a296bc840fec2eac79f924603db
Value: is6Rgpyni36XFoOfHOb5C4LWOiXMHVxvMjU80KFQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
