foxpost.safepayment.online Open in urlscan Pro
2606:4700:3031::6815:1dd Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://foxpost.safepayment.online/unlock48435202?id=raiffeisen
Submission: On April 11 via manual (April 11th 2023, 9:37:33 am UTC) from IN — Scanned from DE

Summary HTTP 56 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 56 HTTP transactions. The main IP is 2606:4700:3031::6815:1dd, located in United States and belongs to CLOUDFLARENET, US. The main domain is foxpost.safepayment.online.
TLS certificate: Issued by GTS CA 1P5 on April 9th 2023. Valid for: 3 months.

This is the only time foxpost.safepayment.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Raiffeisen Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
42	2606:4700:303... 2606:4700:3031::6815:1dd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1 2	91.220.172.1 91.220.172.1	41694 (RB-HU-AS) (RB-HU-AS)
1 2	142.132.202.70 142.132.202.70	24940 (HETZNER-AS) (HETZNER-AS)
3	91.220.172.27 91.220.172.27	41694 (RB-HU-AS) (RB-HU-AS)
56	6

42 2606:4700:3031::6815:1dd (United States)

ASN13335 (CLOUDFLARENET, US)

foxpost.safepayment.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.220.172.1 (Budapest, Hungary) 1 redirects

ASN41694 (RB-HU-AS, HU)
PTR: www.raiffeisen.hu

www.raiffeisen.hu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.132.202.70 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.70.202.132.142.clients.your-server.de

eu-edge.ad1x.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.220.172.27 (Budapest, Hungary)

ASN41694 (RB-HU-AS, HU)

sso.raiffeisen.hu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	safepayment.online foxpost.safepayment.online	609 KB
5	raiffeisen.hu 1 redirects www.raiffeisen.hu sso.raiffeisen.hu	29 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 357	119 KB
2	ad1x.com eu-edge.ad1x.com Failed	207 B
0	foxpost.hu Failed foxpost.hu Failed
56	5

	Domain	Requested by
42	foxpost.safepayment.online	foxpost.safepayment.online ajax.googleapis.com
4	ajax.googleapis.com	foxpost.safepayment.online
3	sso.raiffeisen.hu	foxpost.safepayment.online
2	www.raiffeisen.hu	1 redirects foxpost.safepayment.online
2	eu-edge.ad1x.com	foxpost.safepayment.online
0	foxpost.hu Failed	foxpost.safepayment.online
56	6

This site contains no links.

Subject Issuer	Validity	Valid
*.safepayment.online GTS CA 1P5	`2023-04-09` - `2023-07-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
aautofaucet.org R3	`2023-03-08` - `2023-06-06`	3 months	crt.sh
sso.raiffeisen.hu GeoTrust EV RSA CA 2018	`2022-08-24` - `2023-09-24`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen
Frame ID: 23B6EAD4F7745A08D8E3982043027D9E
Requests: 45 HTTP requests in this frame

Frame: https://foxpost.safepayment.online/support48435202
Frame ID: EC437CECFE473E48E5B75C6CD3E71DB7
Requests: 10 HTTP requests in this frame

Frame: https://eu-edge.ad1x.com/
Frame ID: 9691E14D9C9D70B6D2808C0F60CAB954
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Raiffeisen BANK - Bejelentkezés

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

56
Requests

88 %
HTTPS

40 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

756 kB
Transfer

2271 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://www.raiffeisen.hu/sso_1_login_banner_960x340_en HTTP 302
https://www.raiffeisen.hu/documents/10165/1590567/sso_7_login_banner_960x260_en.png

Request Chain 36

https://foxpost.safepayment.online/fonts/Roboto-Regular.ttf HTTP 302
https://foxpost.hu/fonts/Roboto-Regular.ttf

Request Chain 44

https://eu-edge.ad1x.com/analytics/her.html?apiKey=21e6b288-bd75-410f-9425-e5e86d7d7cd5 HTTP 301
https://eu-edge.ad1x.com/

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request unlock48435202 Show response
foxpost.safepayment.online/ 53 KB
10 KB 1185ms
921ms Document
text/html 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.29

Resource Hash

8e2b734d2c44baaefbb2cecfe29d0794ee5b8e00cbdcf1797b0820597bab70d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b62404299059975-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
date: Tue, 11 Apr 2023 09:37:28 GMT
expect-ct: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eVHhJIOjT6V3PU%2F%2Fy43wOAunBOcwuGN72f%2B2LMaRrHILpPBTzrZdTm0ggdb0MalR07vrnHVyTGrBEUsabEjr56nSXx4wbTk8eGYL3eFCKRQtO3yqGH%2F54MM12z%2FJF%2FMgj4tVq4iscStAK56IINAe8kVUHhoNQs5SrA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-powered-by: PHP/7.4.29
x-xss-protection: 0

GET
H2 200 cognition.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
foxpost.safepayment.online/raiffeisen_files/ 42 KB
17 KB 178ms
173ms Script
application/javascript 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/cognition.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d53f1c1a977fdefd37aad4008c6e032203137800db2f304657b991b757d1fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:49 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"a91e-5f7cd6cd19721"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztTiaTYETMd31F%2BkclByJgXqghtThwUoYdO4s6%2FLu%2F2mwOJ%2FY2PwnbijxhzYLLWquOOmzkvieGXBWl3dt8nUDXsy0Aw55iyLDDnUD9sJlW49VLi9wwpOp7WtJdgaiXyqmYS4XwzRuMYSX6dL5MI4ANiDNlcfCfvWZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b624048a9569975-FRA

GET
H2 200 kBczkLTXsUBMP6k.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
foxpost.safepayment.online/raiffeisen_files/ 203 KB
83 KB 158ms
153ms Script
application/javascript 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/kBczkLTXsUBMP6k.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

922aed0919eb8380f2becb46bebf76399d88e52d3bbe3a521d96542129069b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:50 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"32a80-5f7cd6cdcd216"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rilK2lPceHkmJ8DQ8hQm9M27nVSRHnl0odZSLZ4NR7%2FBd7r7aBPfyamQJzU%2BAeU1bX6zakHc6Q18mMEVz5Rau7qQdyF40ZAGUxXzXoBMjx9hfTC0MM6gQklbWfv74ZYv%2BE4CgOwz%2Bq9UrYau1doz2MEkEUhTHIcc8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b624048a9669975-FRA

GET
H3 200 main.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
foxpost.safepayment.online/raiffeisen_files/ 499 KB
149 KB 131ms
130ms Script
application/javascript 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/main.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

687f1ec05718a1cce2a59efc664e16d137da21a5af854f57d353f89d0003a04c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:51 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"7cafa-5f7cd6ced875e"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQ%2FJBm0whgKyLNb4PZema3Lps2Gx5JEXQQ%2Bj%2FPgSwg2DnmlKq5rMm%2BLn28vF9VAsR5%2F5nbzIeBbGlkSKLpaR3Bed%2FnYhw5Dj%2FMGxvhXnMvrAkKlSRVJQgbiCVOFHEMM00dGKbZJVVNP9V0ALy9AcJqcwEjcPYdIGiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b62404ac87b3688-FRA

GET
H3 200 AppConfiguration.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
foxpost.safepayment.online/raiffeisen_files/ 11 KB
3 KB 159ms
156ms Script
application/javascript 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/AppConfiguration.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1c4fea8c3d1238eaffbc7613dc1118a83ead2f5b0c06f81cb6b975476f93b7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:47 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"2cfa-5f7cd6cb25358"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpfCeqRNlMEWRELyGawLJWfsQdkMDKr6u5tpWfNt3nsvGMDKh702HLbt4Fgbjy224zNsADqwoUkz%2FPL8J8dLVt3sWN0RRblj1JDaqU44dN0l8R%2FdOp%2BkuhQ%2FJXsCQ1gLBechrWqFnxt4g92me%2BQwJxedz8QnF0lMQg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b62404ac87f3688-FRA

GET
H3 200 ThemeConfiguration.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
foxpost.safepayment.online/raiffeisen_files/ 6 KB
2 KB 133ms
131ms Script
application/javascript 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/ThemeConfiguration.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56edd1215abf97ba176b58eec0009c2bc75010ba0679791d496a386998459eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:53 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"16fb-5f7cd6d0879b3"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67Ky4oSjTkR7u2RZGGFDri2XfPSidpToWCRM%2Fxgsa7E%2FATj2wus7J9QLDo7KNV4%2BHdQp%2FUnDRKV783ETx8%2BPkxM97gEByMcbiiMy98fU38j9Ks%2BZ%2Fl%2BpC6DGjMNJuAiZNoa6AyoGX9FSFyPF5km79pYnsYCtAnSlvg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b62404ac8813688-FRA

GET
H2 200 bootstrap.min.css
foxpost.safepayment.online/raiffeisen_files/ 160 KB
25 KB 258ms
253ms Stylesheet
text/css 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/bootstrap.min.css

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://foxpost.safepayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:48 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"28021-5f7cd6cc86b82"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/css
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hYp7BEzqczElVbKkSy7OMTAH9VHSy5SqPCmav122zyiB32Gt7SjJJS64jP5hngd7tzzDwTCfFOXX91vIxnLnrAOh6IB5jXE2b%2FMzFFiuD%2BKkA6bgadvJgKMyxQgwGVhisEXQiA9YTGSO6q2CMKaecGEUQx4obAVdg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b624048a95f9975-FRA

GET
H2 200 bootstrap.min(1).css
foxpost.safepayment.online/raiffeisen_files/ 134 KB
20 KB 271ms
267ms Stylesheet
text/css 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/bootstrap.min(1).css

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7562bb77204404afebc5bb8fad5ff7a63416c6ca62cc1cd6382e9678413cf120

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:48 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"218e0-5f7cd6cc202e9"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/css
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13DpkPxee9uflq3IrjEuI4sCchce4uaHE7Q%2BON3v4JSRj8KZyJpvsQ0XbW5iOHUm32Vq9Bj66nY5giMi4PiWCglAn7kY5jwuhdPDHVQHg%2F2c2yIlsD0hsPMxXC6E8J96UiwkiBopZSOxBUwhGSOaKI7Q0NXRAoUUOw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b624048a9609975-FRA

GET
H2 200 structure.css
foxpost.safepayment.online/raiffeisen_files/ 87 KB
16 KB 310ms
306ms Stylesheet
text/css 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/structure.css

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1bfefae8013a12c42cead9d1da250a76ebf14bcd06eb3c30c52a6417797471a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:52 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"15c57-5f7cd6d034998"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/css
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICyL6BAYqfi3U1cq4%2Fb3KWSzXl6D3qBROtNJwGVqxRdulOcjFdbY3mhhqu%2FzgPmXBcFYqprQBPadP1y2KXk%2BpxFMbNgI%2FFjlRjLl3g4Wa9aiMY7ITyAPMXC6KHOxTzbmc2%2FJLI8r%2Fuyqj10Auikv4iDjsWczOk4Q7A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b624048a9619975-FRA

GET
H2 200 theme-rsso.css
foxpost.safepayment.online/raiffeisen_files/ 4 KB
1 KB 204ms
200ms Stylesheet
text/css 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/theme-rsso.css

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06b68c4bf29b2300633468b6bd8d43cf2436bd4d90973e4355fb1f8be8d5cd30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:53 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"1077-5f7cd6d0827ab"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/css
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2Fof5BLwWxSr1%2B%2B70cEMirm3SzTkKg%2BjArCdkeEcdXCcgHQZPCFkTxmynUhKnhN%2F04O4TCJ5lqCxkdz%2BPbIvMcL7VVSfO0V38QqufC6FlKHJyR0kzwf1NeNP4rSFYqcn61URxRkkmYL4rhAfTlpUyNAOIU02s4ogQg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b624048a9639975-FRA

GET
H2 200 rbsso.css
foxpost.safepayment.online/raiffeisen_files/ 23 KB
4 KB 242ms
238ms Stylesheet
text/css 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/rbsso.css

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f760dbb1afde73f1f4de9e327903a7c2156225f54cae044c12b73502c4c5018

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:51 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"5ab7-5f7cd6cf3f7c7"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/css
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uREuzsCDjtP8%2BlpDBrDbcTneC2h8ZaBevRrRTSklhOvmRHtZgZjZewgtvMgEMfRQHd6%2BzxIjlswsXQduJj7v3Hyi0MHzWZHj455swfbEyiq9F7xSXUGhBb0nFvBtIcEiSdKEog6qS2QZSID1CnK1jhpmZr7r5nQgdg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b624048a9649975-FRA

GET
H3 200 Footer.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
foxpost.safepayment.online/raiffeisen_files/ 1 KB
1 KB 141ms
138ms Script
application/javascript 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/Footer.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

191cbf6625670a91d1b6bd273572762e97f56e9ea9103adecd88d13ece0d0126

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:49 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"58d-5f7cd6cd348b7"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsS5ej5xLHsHI0PN6U%2BUrGKRTjDEt4GHAg18Q6eCqBvS6M6fPHdcb%2BkoxsYWKONIag34pavpiZ918vTG6eWJjvMyk0HfkuXMWitg8M3XAzvZyCHy48F%2BOP4WdLuoUr54Ezc2IvPVT0Oop%2BRav6MTjvc7M2H04WW%2BBw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b62404ac8823688-FRA

GET
H3 200 LoginHeader.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
foxpost.safepayment.online/raiffeisen_files/ 1 KB
1 KB 125ms
123ms Script
application/javascript 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/LoginHeader.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e9713c0efdaef3e050fa61ba3f0ca56fb3d7ce7d839884ccc072f511d37fbaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:50 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"43b-5f7cd6ce1d351"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvqqYZX%2FeyA4Ztk5cB0ETI973yA%2FFzx4xTms85KiKnHsNRRFyqjBQbLt7B6hXzlouwGnkMibiJ6QsDwWilVyGQAqX5X3DBk8rxMp%2FEv1zVrGtIYA7z14Y%2FIbVToz72Wn%2FcpyJk6kkCO7dPbjuXqFJ5NqgEENmrQr5w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b62404ac8833688-FRA

GET
H2 200 vue-swal.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
foxpost.safepayment.online/raiffeisen_files/ 45 KB
13 KB 192ms
189ms Script
application/javascript 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/vue-swal.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24ac91354b1008448f70e4f329ea1675d3dfe80a795e88a1bf9a4b87749c6f21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://foxpost.safepayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:53 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"b57f-5f7cd6d1093e3"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Dv4CtWj%2F9ycAePGopfhUXv%2BZOGyAkZ%2BnNWFMdmPhscHbK1ycGm4enec%2Fza0zxrABAKt2xXN0%2BDP34MOf%2BwmPa0fQgpQ%2FLuy4C62Qf53pw42KHx1nbC9Bb4GhTButG22gMX6qqgmhNu0ObpRGNNF%2BZOcPIGKXrcO%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b624048a9659975-FRA

GET
H2 200 axios.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
foxpost.safepayment.online/raiffeisen_files/ 20 KB
8 KB 162ms
158ms Script
application/javascript 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/axios.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e373b70a5167485c73a265421bcfcd1fdddbae49c9c51605e6d2918a3de4ae0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://foxpost.safepayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:47 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"511b-5f7cd6cb8527a"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWAmmPhAbzEQfwJ0x2LzjzPZyD%2BRWLcnNH5U%2FZ1TaYDyDHJHH3IUs5lY86rEgHukrwTmq4qPOFCLrqV8XVLwz5eD3%2BV2T3e7rWmh4N8guz2qXzxqBlVJCo8Hld29fHMubeUCNZeYUCY0hFH23iRFVuMiU%2F1t67AulQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b624048b96d9975-FRA

GET
H2 200 jquery-3.6.0.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
foxpost.safepayment.online/raiffeisen_files/ 87 KB
32 KB 190ms
188ms Script
application/javascript 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/jquery-3.6.0.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://foxpost.safepayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:50 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"15d9d-5f7cd6cd8ea1a"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9E3m%2BlGd1y8F21y9gGHlzajFfnX7k%2BVC8DF%2FNmTF8nmrvugfpCNCQE8LnkKOxknXSktEVEmCpVoAO1nOPxwdKQt8Ks4%2FDw9YZhE1Sm6meZeZ8iWMSC%2BQejl5Qdj34n935LF4f74SA1W9cnKbeiPKVIhIOcTw1%2FYBA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b624048b96e9975-FRA

GET
H2 200 bootstrap.bundle.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
foxpost.safepayment.online/raiffeisen_files/ 76 KB
24 KB 215ms
213ms Script
application/javascript 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/bootstrap.bundle.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://foxpost.safepayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:48 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"13131-5f7cd6cbe97ec"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4HCa4ir7RDaA9SXgi1Y8ZxU7W0QdkBakqSWg5ZbH4Vx35lReCofQW0No3MKUicKc1kXn6%2ByUDJPSoRCc%2F8cT3pX4byliIJ9Wm5dudamVUu7gFhEZI8GTmHXZShy2LooyvCBKS1W21wEJ4z9oL4pxw%2FB9S3ylltbSg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b624048b96f9975-FRA

GET
H2 200 popper.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
foxpost.safepayment.online/raiffeisen_files/ 18 KB
8 KB 177ms
175ms Script
application/javascript 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/popper.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://foxpost.safepayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:51 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"496b-5f7cd6cecac9e"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCnNeKjnp1g2fpCzDJAegRrOGv3nAR6FkGBwL4HCzNIOVciwEABxQoDnWcnqZDDr4Y0UQX19UMbMGO7c0OV08OOwNemXvUsXl61Edbly6JhJKChgtdn%2BgeHDo0YzaXvnATlwuN1jz3%2Bvm6KT7OPP9gOuZGX3QvD8hg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b624048b9709975-FRA

GET
H2 200 bootstrap.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
foxpost.safepayment.online/raiffeisen_files/ 58 KB
17 KB 139ms
137ms Script
application/javascript 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/bootstrap.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://foxpost.safepayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:49 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"e753-5f7cd6cca76f0"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOaP5F4PdCPlSoh637dTMZD9jqLqYn5BxsAbphlJn923OGoynwSegTa9rvUvgTPFvs%2FBkxDUd0%2Bn2T1Mk6m44fk7e7IFlzYS0kbWpBuVBLYJD8VRiGCIxFLvDVg0wG%2BTGM6GLe0Pqt4D%2BkX%2BVZXARu1txaUm7qsU9g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b624048b9719975-FRA

GET
H2 200 sweetalert.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
foxpost.safepayment.online/raiffeisen_files/ 40 KB
12 KB 205ms
203ms Script
application/javascript 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/sweetalert.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:52 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"9f68-5f7cd6d039f88"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqFDkbKDrygwozUEPUDKYTTAlNa%2FhhqEo0Hcn%2Bmxig9zDZD%2Bg3dUlOgQxpNoKDWBgaY1jFt4Yu2xFHADoPC8bVM%2Foy6EsC8KVcQZkkec3o1IyTUM6R4KgCyfUxwjqiRK8hOaWCvhAJtiFvQypaNbTd59bsXnHlQPtA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b624048b9749975-FRA

GET
H3 200 main.js(1).%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
foxpost.safepayment.online/raiffeisen_files/ 257 B
931 B 131ms
129ms Script
text/plain 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/main.js(1).%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cace9fffad20da7bc120c3856f1ed33f324df8714cc87f1a604d7def16561af2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 257
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:50 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: "101-5f7cd6ce6ad7c"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3m4%2FFlxVGof6tOF%2FCB7DfuwyySBSTd%2BZXaQwop2QG2Vgcn4KIQGxxlsZUt2FRW8LPEqVuv568pjqugXI4d%2FcH5lARhX4uub5sjSJjF%2FPGKrM6iK2pTc9AJD%2F%2BlpDjW5J4nvE9avD52T7zwYTCmbe9Joyh8At34xLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expect-ct: max-age=0
origin-agent-cluster: ?1
accept-ranges: bytes
cf-ray: 7b62404ac8843688-FRA

GET
H2 200 support_chat.css
foxpost.safepayment.online/ 97 KB
16 KB 249ms
247ms Stylesheet
text/css 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/support_chat.css

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc8927f601a96326dea62ee920d21666f26d1a0cc73e2aad3f5ed9d9bdf950d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 23 Mar 2023 19:05:32 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"18447-5f795f5feaf5f"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/css
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ww8wAcD%2BeJXIYwqSnGa3gph8LXyHZW%2F84%2Bq%2F4i7YQE%2FeWyjjy1L6pXKf39aLubQBSnJP1F%2BBRP93uNFNQwRL8giUzyl%2FQEXaxncgMzP25mvOG6lf4Vz6pjTe%2BpsYOuv5%2Ftsza8LqSq8kTm44kKLdLjtZKrg2xsmF7g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b624048a9689975-FRA

GET
H2 200 support_parent.css
foxpost.safepayment.online/ 3 KB
1 KB 218ms
216ms Stylesheet
text/css 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/support_parent.css

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10879a3aa32dde82593b8657bb2822c9a6e2fb3832d73b12e8f2ee4fb86771c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 23 Mar 2023 19:05:32 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"d80-5f795f5feb347"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/css
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pCBTZHBUPA3%2B1%2BJiy0y493or%2FGnd4ynq1e8exkHB6RCtCoqYGi1WPkXvAghs5zfrZfGjspCbd06AdkGKJON3fZfCg7Mvcmo3DOlE2B4Kjn00RGRfK6MOI%2FJfDm66PWVN6Ds0O65XpjqIvKpww0q%2FQOECtAxOBanMw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b624048a9699975-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 84 KB
30 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 17:08:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30211
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Apr 2024 17:08:48 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ 84 KB
29 KB 35ms
13ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 525082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30089
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Apr 2024 07:46:06 GMT

GET
H3 200 logo.jpg
foxpost.safepayment.online/raiffeisen_files/ 4 KB
4 KB 143ms
142ms Image
image/jpeg 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foxpost.safepayment.online/raiffeisen_files/logo.jpg

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5a935fa780fa290efbd34e1580876462619ccd71bb664c45b41dc53329e8767

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3837
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:50 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: "efd-5f7cd6ce28ae8"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVTretZpLZyVm4wjGHGS5Z42WqRkrBq%2BXpeu1mg%2FGSCpy8Rb%2BXmQofoVFUZE2pJSCv4N8sumQUOd4SbV60sXO92FciisJnZBcLgYJJ%2F9XbtMpcMjRIF%2FGYal4lLs%2FBxwpt5RXlxxs6HTHlUuK%2FmDcDzLgBP7TgaCgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b62404ac8863688-FRA

GET
H3 200 letter.jpg
foxpost.safepayment.online/raiffeisen_files/ 1 KB
2 KB 158ms
157ms Image
image/jpeg 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foxpost.safepayment.online/raiffeisen_files/letter.jpg

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1f6129a9cfdf5d953553d6a0f2ece97abab9b2c8fd7240faef98c4aeaa85979

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1350
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:50 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: "546-5f7cd6cddb88d"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lvwh4jsVHt71nA7Bp%2FP%2Bcx6p105fKEjCt%2BrTrWRFGrZ7gv0r6xvlcg0zUskSCkKCvUhTfYylMb0ZNKfzMZa2aHc%2B3A3q2csdTLq7Yo7nehLnbpBQmVCQ5uEFbsC771GB4VcHMrXxYNzjeqh9%2FUNBh%2BaVxd9%2FXwgWkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b62404ac8883688-FRA

GET
H3 200 sso_1_login_960x340px_en.png.jpg
foxpost.safepayment.online/raiffeisen_files/ 44 KB
45 KB 266ms
264ms Image
image/jpeg 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foxpost.safepayment.online/raiffeisen_files/sso_1_login_960x340px_en.png.jpg

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8b789625bcee3b20476d2a50ff122f11352d9aac643326af8ec7ea8dd821a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45010
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:52 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: "afd2-5f7cd6cfad1a9"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYD1gFNynVYIYh5fviphu0EE%2FfMFjaJNDP7yXqeLrybdtBy4iEELsTn%2B1dJv%2FMhYn90IJ8QRgmz0vhbTH3XDxQum44D8qqHF48Vp%2BKzL9%2BtZvsg%2Bc5eD6wlvp2zvUGUNNz51NROhOGAj1wVK0Rva72q4ZJbi972y5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b62404ac88a3688-FRA

GET
H3 200 sso_2_login_960x340px_en.jpg
foxpost.safepayment.online/raiffeisen_files/ 46 KB
46 KB 253ms
252ms Image
image/jpeg 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foxpost.safepayment.online/raiffeisen_files/sso_2_login_960x340px_en.jpg

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66ed6fec5e50cf45b53cc539fb4d554382b9578b1223f1fc2dc0e6374b7d3e06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46746
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:52 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: "b69a-5f7cd6cfc6bcf"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mgq5NaPwVajO%2Fe47XbLFRnf2%2B46Bb16U0y6duwSwlToIILaR13IhVR3ckpd27dZiHX%2BdfJjgXkRPvLMypOhFoJB9FRcGLw0zf8WyAuD%2BXiaHZUDLbumUN37wNjOlrqIQv1Lso62wz3MJ3hRz%2BlbuOM%2BK9a4Fij%2BNJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b62404ac88b3688-FRA

GET
H3 200 arrow_down.jpg
foxpost.safepayment.online/raiffeisen_files/ 1 KB
2 KB 173ms
172ms Image
image/jpeg 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foxpost.safepayment.online/raiffeisen_files/arrow_down.jpg

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25e16461f26bc4b49ac990fde0d412634ed2c048e15b4db7027e5ef67bbde779

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1315
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:47 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: "523-5f7cd6cb24f70"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3jqYeGH%2BI00iMZZp%2BWGfOGRMQn6r2vdOpNooScoCTqaBDpySv%2BhJYvWAxyNOtjpQ6HSPTOYYVDlf5xwObsRRnJOSZ66o0cer4aAjm3417UfgRIKY3pA33fm8OpoElWNHmYm11dR9%2Broq0wM7PvMUGjOQMx0mDnMKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b62404ac88c3688-FRA

GET
H3 200 base64-1.0.0-min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
foxpost.safepayment.online/raiffeisen_files/ 836 B
1 KB 142ms
142ms Script
application/javascript 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/base64-1.0.0-min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3fe541f87392ff3465ac2fa1eba95a976674c916df0ea7a86b244a5a503a3e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:47 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"344-5f7cd6cb75493"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mtbkd5Bf3p3iqmlpMw9b3vnvSPzcD6yVXAA9jVlEd8aotl4sg70vnfKK%2FvEtbVhenUIhvy0PlWQ2h%2BY%2B6fs4c1n8VGqsRg%2F7OjmmQc%2BMGcqpCqFdCUCInK6Z08hlIIhJ9c5BgNCsY4HPqDSNaYajXIDK5xjAtzAlCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b62404a98343688-FRA

GET
H3 200 requirejs-2.1.14-min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
foxpost.safepayment.online/raiffeisen_files/ 15 KB
7 KB 144ms
144ms Script
application/javascript 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/raiffeisen_files/requirejs-2.1.14-min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a42861ce35463d2c190294968c193050b5b68e8674f44bf51c48f8d4669e602

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:51 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"3b74-5f7cd6cf38a68"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4pKxCa%2FucYccFQkaFXPHvIF9QEqqD%2F7qD4xjV%2BZsYV9xYzE3P3YvSnvEStuS2zR3HBpT%2BuG%2FTwRVsWXjjwRUAiOCTb19YLv%2FG7Rhwot%2F107sWgWnUQC9J3zXJFE1DV9oNA81V7QuXa7EkOcreLzsBtvJwo6hZsE9A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b62404a983d3688-FRA

GET
H3 200 clrpxl.gif
foxpost.safepayment.online/raiffeisen_files/ 37 B
736 B 156ms
154ms Image
image/gif 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foxpost.safepayment.online/raiffeisen_files/clrpxl.gif

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 26 Mar 2023 13:15:49 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: "25-5f7cd6cce765c"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0WnP%2FAVpPAN3ch%2FQK5t%2FbFkz5rWtsi968bBuJen%2FteSKtwS2E5bl9pNA%2B8z0B0dLmtbFE17Z6d2ljST4Ji1tltrFOu1%2BrT%2FZyUbhEJm%2BIVj3uorCkB4tw5T3MX2yGBjlo4qzURkPXISCzhEX1btOMBuVUQMZ%2BkjOYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b62404ac88e3688-FRA

POST log
eu-edge.ad1x.com/analytics/v1/ 0
0

GET
H3 200 support48435202 Show response
foxpost.safepayment.online/ Frame EC43 22 KB
8 KB 500ms
499ms Document
text/html 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/support48435202

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.29

Resource Hash

c12616b553fc36b7b735436b1b2dfba387b10f4b93efbc7a379150e2336b429d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b62404ae8a93688-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
date: Tue, 11 Apr 2023 09:37:29 GMT
expect-ct: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGsyJsYen4PEBB2dHe0E0nBzyD55rnv06qR9Rz8Ipvn6J%2FXFprnsw%2Frl%2BXD83G1KFTmMFPg6h41mL%2Bss%2BPaULyfSgxSk45yZ%2BZi%2B8EnvysJBntEnhqtuOGyWFEFjB8JT%2BEA1oEC3MpchCX4YXA2FLsgNmB40O1lSLA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-powered-by: PHP/7.4.29
x-xss-protection: 0

GET
H3 200 supportIcon.svg
foxpost.safepayment.online/ 1 KB
1 KB 167ms
167ms Image
image/svg+xml 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foxpost.safepayment.online/supportIcon.svg

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/support_parent.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18ae25cd06d69b8e9e2f4d8e545f11298925214dd961cdcec8f3b13c4561d587

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 23 Mar 2023 19:05:32 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"43a-5f795f5feaf5f"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTcQA05d9n7C6VDQmvdaLWaG93CrkWdqX22ydox88vVsYtsG5KTtqf%2Fb3LHpShZxWrxzd8oa1qZpXXi0AUnfgATHhitv7harCmMt1NoWd3Mqej7vpNlGhAOmmfc2qdd6KPTcNglbqfYhsgqwUwhPWXq3lVDQyyL8bA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b62404af8ba3688-FRA

GET
H/1.1

200
OK

sso_7_login_banner_960x260_en.png
www.raiffeisen.hu/documents/10165/1590567/
Redirect Chain

https://www.raiffeisen.hu/sso_1_login_banner_960x340_en
https://www.raiffeisen.hu/documents/10165/1590567/sso_7_login_banner_960x260_en.png

24 KB
24 KB

45ms
45ms

Image
image/png

91.220.172.1
RB-HU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.raiffeisen.hu/documents/10165/1590567/sso_7_login_banner_960x260_en.png

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen

Protocol

HTTP/1.1

Server

91.220.172.1 Budapest, Hungary, ASN41694 (RB-HU-AS, HU),

Reverse DNS

www.raiffeisen.hu

Software

Apache /

Resource Hash

2053767df28653e50df5f4350f69f83c76cd28fbed33b8008e06f2f5ed1ff197

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foxpost.safepayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 09:37:28 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Nov 2022 13:24:41 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=604800, s-maxage=604800,public
Content-Disposition: inline; filename="sso_7_login_banner_960x260_en.png"
Connection: Keep-Alive
Keep-Alive: timeout=15, max=99
Content-Length: 24094
X-XSS-Protection: 1; mode=block
Expires: Tue, 18 Apr 2023 09:37:28 GMT

Redirect headers

Date: Tue, 11 Apr 2023 09:37:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Server: Apache
X-Frame-Options: SAMEORIGIN
Location: https://www.raiffeisen.hu/documents/10165/1590567/sso_7_login_banner_960x260_en.png
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET

Roboto-Regular.ttf
foxpost.hu/fonts/
Redirect Chain

https://foxpost.safepayment.online/fonts/Roboto-Regular.ttf
https://foxpost.hu/fonts/Roboto-Regular.ttf

0
0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ Frame EC43 84 KB
30 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/support48435202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 17:08:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30211
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Apr 2024 17:08:48 GMT

GET
H3 200 support_chat.css
foxpost.safepayment.online/ Frame EC43 97 KB
16 KB 213ms
212ms Stylesheet
text/css 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/support_chat.css

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/support48435202

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc8927f601a96326dea62ee920d21666f26d1a0cc73e2aad3f5ed9d9bdf950d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 23 Mar 2023 19:05:32 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"18447-5f795f5feaf5f"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/css
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jCUw3aqsX0MW%2BW7zVy2LG00gyohNpCH4YDxjzYSlfgQvMyKfx3wDf0hNAZPZb8M1QriapCKwZUD8VreoCbpHk6KQ5VrEvPsOnTCFQp13pAWy0LBW%2BlaplkL2zoZBhf%2BAMOTLAEGq1EkvPrYAQ5sqBfzQduSG%2B%2F7Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b62404e2d8d3688-FRA

GET
H3 200 support_parent.css
foxpost.safepayment.online/ Frame EC43 3 KB
1 KB 141ms
140ms Stylesheet
text/css 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/support_parent.css

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/support48435202

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10879a3aa32dde82593b8657bb2822c9a6e2fb3832d73b12e8f2ee4fb86771c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 23 Mar 2023 19:05:32 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"d80-5f795f5feb347"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/css
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBc%2FmcWjAtRzjqLjGFsOHQfGMpaXT0YEOyqMjjIxh4cIOC30pne63dKAnOEzHm7HJm4zzagW9xKQZ%2FdJK1AQPjaiUArsVT1YkmZB1vDP1F%2FiFVRgYbToIV3oz%2BQtBaaeCwc4KUWN5AfAticvULYs%2FmWDhxG34QL1BA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b62404e2d8f3688-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ Frame EC43 84 KB
29 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/support48435202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 525083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30089
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Apr 2024 07:46:06 GMT

GET
H3 200 skrepka.svg
foxpost.safepayment.online/ Frame EC43 1 KB
1 KB 112ms
112ms Image
image/svg+xml 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foxpost.safepayment.online/skrepka.svg

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/support48435202

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa2f008745820780dc1f140fd8b42a7a1909188243866b4e98370bcb2e6b0e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 23 Mar 2023 19:05:32 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"476-5f795f5feaf5f"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3F64KsegDOpBFVhkfKfkH4KGcyNRZptwI8uPggFIz4lZkgwNnP3SrKcgqPEcMJxRBAT9AybWYzKQj%2F9PbvQC6sdbxoevLQqw6RJwhkobM7LMdy3gsmJFCGmPT8jKYh1gJvFPBRQJXyoec94JemyGVrVNWpxxJS7eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b62404f0ecc3688-FRA

GET
H3 200 support.js Show response
foxpost.safepayment.online/ Frame EC43 5 KB
2 KB 140ms
140ms Script
application/javascript 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/support.js

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/support48435202

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8d13e7a1d0f34641fef59b6808e29d722be838229d3980c69a4f209b67d2905

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 09:37:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 23 Mar 2023 19:05:32 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"139d-5f795f5feaf5f"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8YFVoNhzhdQz4HqDJUbYCMVByaZIZUw9RnPYrGIp9HaTl%2FgcDJdzfpStffzuVMSWjCnWzQff8Ooj3VEaPbpNg85pxzKQ%2BS1CAT73jr7FtAYI%2ByyrwwzzwaCzAVEKTHAh1bEE9HzOPnLws7kBttZrkVZcuOBF99%2FkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b62404f8f603688-FRA

POST
H3 200 getMessages.php Show response
foxpost.safepayment.online/ Frame EC43 0
668 B 461ms
461ms XHR
text/html 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/getMessages.php

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.29

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Referer
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 11 Apr 2023 09:37:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-powered-by: PHP/7.4.29
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9D%2BDBYiWBDbdlB3cIAYihZZiD2zSHrfJPBprYbVeI6Xkwsakl46%2BH6XRJRZreZeK8rj9%2FpzHP7P7qWKC4xCYEMskE%2Fdgyz28UgOqKTqqJc7VwZsDVDla4NgrN%2FKuBlTTPjUVbgosB2VFNVyUvRLmEUzHahjsLdhhYA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b62405068ae3688-FRA

GET
H/1.1

200
OK

/
eu-edge.ad1x.com/ Frame 9691
Redirect Chain

https://eu-edge.ad1x.com/analytics/her.html?apiKey=21e6b288-bd75-410f-9425-e5e86d7d7cd5
https://eu-edge.ad1x.com/

0
0

116ms
95ms

Document
text/html

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-edge.ad1x.com/
Requested by: Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/raiffeisen_files/cognition.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 11 Apr 2023 09:37:31 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 11 Apr 2023 09:37:30 GMT
Location: /
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

POST
H/1.1 200
OK JfwQXjxWTCGZqn0 Show response
sso.raiffeisen.hu/ 61 B
1 KB 275ms
171ms XHR
text/html 91.220.172.27
RB-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.raiffeisen.hu/JfwQXjxWTCGZqn0?sid=ultdC5206OFFC0S1GguImk0147HpQCBd&tc9g=O2ra2A6wDuOrET5gLnc1QGroDJsUebL7

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/raiffeisen_files/kBczkLTXsUBMP6k.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.220.172.27 Budapest, Hungary, ASN41694 (RB-HU-AS, HU),

Reverse DNS

Software

nginx /

Resource Hash

dada2318e0981655d841befde439662c010d398abc8f10818cd302bbc4ec5c35

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://www.raiffeisen.hu https://127.0.0.1:7070 https://127.0.0.1:63334 https://browseranalytic.com https://.browseranalytic.com; frame-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://browseranalytic.com https://.browseranalytic.com; img-src 'self' https://www.raiffeisen.hu https://browseranalytic.com https://*.browseranalytic.com; object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: text/plain

Response headers

Date: Tue, 11 Apr 2023 09:37:29 GMT
X-Correlation-Id: 8fe94755-944b-4d84-b85f-00c59982151f
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Security-Policy: default-src 'self'; connect-src 'self' https://www.raiffeisen.hu https://127.0.0.1:7070 https://127.0.0.1:63334 https://browseranalytic.com https://*.browseranalytic.com; frame-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://browseranalytic.com https://*.browseranalytic.com; img-src 'self' https://www.raiffeisen.hu https://browseranalytic.com https://*.browseranalytic.com; object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; style-src 'unsafe-inline' 'self'
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Server: nginx
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Authorization

POST log
eu-edge.ad1x.com/analytics/v1/ 0
0

POST
H/1.1 200
OK JfwQXjxWTCGZqn0 Show response
sso.raiffeisen.hu/ 60 B
1 KB 204ms
161ms XHR
text/html 91.220.172.27
RB-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.raiffeisen.hu/JfwQXjxWTCGZqn0?sid=ultdC5206OFFC0S1GguImk0147HpQCBd&tc9g=O2ra2A6wDuOrET5gLnc1QGroDJsUebL7

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/raiffeisen_files/kBczkLTXsUBMP6k.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.220.172.27 Budapest, Hungary, ASN41694 (RB-HU-AS, HU),

Reverse DNS

Software

nginx /

Resource Hash

c15ea0cfab7f24256d1c71f0b8a4484c1fe077afbf953f5250d4ccbcc62ba0d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://www.raiffeisen.hu https://127.0.0.1:7070 https://127.0.0.1:63334 https://browseranalytic.com https://.browseranalytic.com; frame-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://browseranalytic.com https://.browseranalytic.com; img-src 'self' https://www.raiffeisen.hu https://browseranalytic.com https://*.browseranalytic.com; object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: text/plain

Response headers

Date: Tue, 11 Apr 2023 09:37:30 GMT
X-Correlation-Id: 785fe935-f0f2-4043-9748-c80a22fa59d9
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Security-Policy: default-src 'self'; connect-src 'self' https://www.raiffeisen.hu https://127.0.0.1:7070 https://127.0.0.1:63334 https://browseranalytic.com https://*.browseranalytic.com; frame-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://browseranalytic.com https://*.browseranalytic.com; img-src 'self' https://www.raiffeisen.hu https://browseranalytic.com https://*.browseranalytic.com; object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; style-src 'unsafe-inline' 'self'
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Server: nginx
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Authorization

POST
H/1.1 200
OK JfwQXjxWTCGZqn0 Show response
sso.raiffeisen.hu/ 0
1 KB 140ms
140ms XHR
text/html 91.220.172.27
RB-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.raiffeisen.hu/JfwQXjxWTCGZqn0?eh=29Ks

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/raiffeisen_files/kBczkLTXsUBMP6k.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.220.172.27 Budapest, Hungary, ASN41694 (RB-HU-AS, HU),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://www.raiffeisen.hu https://127.0.0.1:7070 https://127.0.0.1:63334 https://browseranalytic.com https://.browseranalytic.com; frame-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://browseranalytic.com https://.browseranalytic.com; img-src 'self' https://www.raiffeisen.hu https://browseranalytic.com https://*.browseranalytic.com; object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: text/plain

Response headers

Date: Tue, 11 Apr 2023 09:37:30 GMT
X-Correlation-Id: 4a73abf4-8e87-4767-b656-2716bfefbad9
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Security-Policy: default-src 'self'; connect-src 'self' https://www.raiffeisen.hu https://127.0.0.1:7070 https://127.0.0.1:63334 https://browseranalytic.com https://*.browseranalytic.com; frame-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://browseranalytic.com https://*.browseranalytic.com; img-src 'self' https://www.raiffeisen.hu https://browseranalytic.com https://*.browseranalytic.com; object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; style-src 'unsafe-inline' 'self'
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Server: nginx
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type,Authorization

POST
H3 200 checkOnline1.php Show response
foxpost.safepayment.online/ 1 B
668 B 445ms
445ms XHR
text/html 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/checkOnline1.php

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/raiffeisen_files/main.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.29

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Referer
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 11 Apr 2023 09:37:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-powered-by: PHP/7.4.29
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gi5cp9kfdTOOfu4tuObCYDJvYFTTlGLgwnM2ZH%2FYk9kCiOjatpi6zUra73O268VfsJcnfYUoGNwfhr%2BruwZ3P9SSCHNPwdBwOvRKWgyjgwrfDAIgP1SbdzXsRrqJg2E90w7kTbY38NxPEWrqYDO6WwZLlpJl7a3CaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b6240578b0f3688-FRA

POST
H3 200 playAudio.php Show response
foxpost.safepayment.online/ 0
663 B 536ms
535ms XHR
text/html 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/playAudio.php

Requested by

Host: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/raiffeisen_files/main.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.29

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Referer
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 11 Apr 2023 09:37:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-powered-by: PHP/7.4.29
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDmLvEtSq%2BqWscpM3P1Mb6rXzT3i3L36jKWGTNP8NDpWk1RJ3Akn7LdO9krTh%2FTuUR711wxqKi1iyUipaw9hCgnyj5YUGBbwXgdTCys%2BO2wTz1uhf9jqUr58UVRvVzhZXu61IlfOjAmOtLLF7zT1OtiXNGxhs4V4dw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b62405a9fb63688-FRA

POST
H3 200 checkOnline1.php Show response
foxpost.safepayment.online/ Frame EC43 1 B
672 B 437ms
437ms XHR
text/html 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/checkOnline1.php

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.29

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Referer
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 11 Apr 2023 09:37:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-powered-by: PHP/7.4.29
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tq5%2BHNLgUDKVfFMAYxlo8TKp5eWa2dFTrKIirKB%2BWXv7h2fqYnv%2BJeDKj2hHXLSQZByhq7rfU71XWgxRVOfXdkdvbfrDEwsoTrr8ai69brbW70VsSBeQfDvqdPoawluXWsiPl%2FLNlzSWLn%2FiuiHu9mpRQMqhG4IU0g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b62405c09dc3688-FRA

POST
H3 200 getMessages.php Show response
foxpost.safepayment.online/ Frame EC43 0
663 B 446ms
446ms XHR
text/html 2606:4700:3031::6815:1dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://foxpost.safepayment.online/getMessages.php

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.29

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Referer
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 11 Apr 2023 09:37:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-powered-by: PHP/7.4.29
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7bb8pXTboe%2B6f5mcQJXorMcuLtcjK59UTlMYkwsN2wmWm3B8BFUFovTYDaWteLqInjJ2NA%2Fd0ApS86hGEBVOw1SPIKcyHjwjhxA6MEGw43Amc9uReFOnEKb%2FisLhF4V6Fb5Jfd5X0d5Sdbimp6j2mYbu6%2BuUq3pFA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b6240633c973688-FRA

POST checkOnline1.php
foxpost.safepayment.online/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: eu-edge.ad1x.com
URL: https://eu-edge.ad1x.com/analytics/v1/log

Domain: foxpost.hu
URL: https://foxpost.hu/fonts/Roboto-Regular.ttf

Domain: eu-edge.ad1x.com
URL: https://eu-edge.ad1x.com/analytics/v1/log

Domain: eu-edge.ad1x.com
URL: https://eu-edge.ad1x.com/analytics/v1/log

Domain: foxpost.safepayment.online
URL: https://foxpost.safepayment.online/checkOnline1.php

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Raiffeisen Bank (Banking)

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
foxpost.safepayment.online/	1970-01-20 11:20:15	Name: 7f46165474d11ee5836777d85df2cdab Value: NDg0MzUyMDI5MDc2MjU1Mg%3D%3D
foxpost.safepayment.online/	1970-01-20 11:20:15	Name: e58664f08888333ef3d1f5f076b769ba Value: NDg0MzUyMDIzNTAyMDkxMw%3D%3D
foxpost.safepayment.online/	1970-01-20 11:20:15	Name: 0800fc577294c34e0b28ad2839435945 Value: OWUxN2I5NGJiYTExN2ZlMzMxNDc5MTY2MDM2ODBkMGM%3D
foxpost.safepayment.online/	1970-01-20 11:20:15	Name: wSessionID Value: s%3A59ilyC9x-PooQU2oc-k9_7PKn1_zRJLe.8MR8DKfkLBa2e1vWQB1ZU9YXyW%2FVjwCepoYemdq0nZM
foxpost.safepayment.online/	1970-01-20 11:20:15	Name: Uvm1cgfZbWMJiE5 Value: ultdC5206OFFC0S1GguImk0147HpQCBd
foxpost.safepayment.online/	1970-01-20 11:20:15	Name: cKwmJlCqPDOEUIi Value: O2ra2A6wDuOrET5gLnc1QGroDJsUebL7
.safepayment.online/	1970-01-20 11:00:07	Name: cognition_cid Value: faa85523103c613052e36108803b9d51

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen Message: Refused to execute script from 'https://foxpost.safepayment.online/raiffeisen_files/main.js(1).%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
javascript	error	URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen Message: Access to XMLHttpRequest at 'https://eu-edge.ad1x.com/analytics/v1/log' from origin 'https://foxpost.safepayment.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://eu-edge.ad1x.com/analytics/v1/log Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen Message: Access to font at 'https://foxpost.hu/fonts/Roboto-Regular.ttf' (redirected from 'https://foxpost.safepayment.online/fonts/Roboto-Regular.ttf') from origin 'https://foxpost.safepayment.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://foxpost.hu/fonts/Roboto-Regular.ttf Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://foxpost.safepayment.online/raiffeisen_files/kBczkLTXsUBMP6k.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F(Line 71) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
javascript	error	URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen Message: Access to XMLHttpRequest at 'https://eu-edge.ad1x.com/analytics/v1/log' from origin 'https://foxpost.safepayment.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://eu-edge.ad1x.com/analytics/v1/log Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://foxpost.safepayment.online/unlock48435202?id=raiffeisen Message: Access to XMLHttpRequest at 'https://eu-edge.ad1x.com/analytics/v1/log' from origin 'https://foxpost.safepayment.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://eu-edge.ad1x.com/analytics/v1/log Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
eu-edge.ad1x.com
foxpost.hu
foxpost.safepayment.online
sso.raiffeisen.hu
www.raiffeisen.hu
eu-edge.ad1x.com
foxpost.hu
foxpost.safepayment.online
142.132.202.70
2606:4700:3031::6815:1dd
2a00:1450:4001:828::200a
91.220.172.1
91.220.172.27
06b68c4bf29b2300633468b6bd8d43cf2436bd4d90973e4355fb1f8be8d5cd30
10879a3aa32dde82593b8657bb2822c9a6e2fb3832d73b12e8f2ee4fb86771c1
18ae25cd06d69b8e9e2f4d8e545f11298925214dd961cdcec8f3b13c4561d587
191cbf6625670a91d1b6bd273572762e97f56e9ea9103adecd88d13ece0d0126
2053767df28653e50df5f4350f69f83c76cd28fbed33b8008e06f2f5ed1ff197
24ac91354b1008448f70e4f329ea1675d3dfe80a795e88a1bf9a4b87749c6f21
25e16461f26bc4b49ac990fde0d412634ed2c048e15b4db7027e5ef67bbde779
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
56edd1215abf97ba176b58eec0009c2bc75010ba0679791d496a386998459eb9
5f760dbb1afde73f1f4de9e327903a7c2156225f54cae044c12b73502c4c5018
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
66ed6fec5e50cf45b53cc539fb4d554382b9578b1223f1fc2dc0e6374b7d3e06
687f1ec05718a1cce2a59efc664e16d137da21a5af854f57d353f89d0003a04c
6a42861ce35463d2c190294968c193050b5b68e8674f44bf51c48f8d4669e602
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
7562bb77204404afebc5bb8fad5ff7a63416c6ca62cc1cd6382e9678413cf120
7d53f1c1a977fdefd37aad4008c6e032203137800db2f304657b991b757d1fb8
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8e2b734d2c44baaefbb2cecfe29d0794ee5b8e00cbdcf1797b0820597bab70d4
922aed0919eb8380f2becb46bebf76399d88e52d3bbe3a521d96542129069b89
9e9713c0efdaef3e050fa61ba3f0ca56fb3d7ce7d839884ccc072f511d37fbaa
a5a935fa780fa290efbd34e1580876462619ccd71bb664c45b41dc53329e8767
aa2f008745820780dc1f140fd8b42a7a1909188243866b4e98370bcb2e6b0e3f
b1f6129a9cfdf5d953553d6a0f2ece97abab9b2c8fd7240faef98c4aeaa85979
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c12616b553fc36b7b735436b1b2dfba387b10f4b93efbc7a379150e2336b429d
c15ea0cfab7f24256d1c71f0b8a4484c1fe077afbf953f5250d4ccbcc62ba0d7
c1c4fea8c3d1238eaffbc7613dc1118a83ead2f5b0c06f81cb6b975476f93b7d
c8d13e7a1d0f34641fef59b6808e29d722be838229d3980c69a4f209b67d2905
cace9fffad20da7bc120c3856f1ed33f324df8714cc87f1a604d7def16561af2
d1bfefae8013a12c42cead9d1da250a76ebf14bcd06eb3c30c52a6417797471a
dada2318e0981655d841befde439662c010d398abc8f10818cd302bbc4ec5c35
dc8927f601a96326dea62ee920d21666f26d1a0cc73e2aad3f5ed9d9bdf950d8
e373b70a5167485c73a265421bcfcd1fdddbae49c9c51605e6d2918a3de4ae0d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd
f3fe541f87392ff3465ac2fa1eba95a976674c916df0ea7a86b244a5a503a3e0
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f8b789625bcee3b20476d2a50ff122f11352d9aac643326af8ec7ea8dd821a25
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

foxpost.safepayment.online Open in urlscan Pro 2606:4700:3031::6815:1dd Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

88 %HTTPS

40 %IPv6

5 Domains

6 Subdomains

6 IPs

3 Countries

756 kBTransfer

2271 kBSize

7 Cookies

0 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

foxpost.safepayment.online Open in urlscan Pro
2606:4700:3031::6815:1dd Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

88 %
HTTPS

40 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

756 kB
Transfer

2271 kB
Size

7
Cookies

56 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!