pfxdirect.paymentearth.com Open in urlscan Pro
74.208.230.246 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pfxdirect.paymentearth.com/
Submission: On February 12 via automatic, source certstream-suspicious (February 12th 2024, 2:50:49 pm UTC) — Scanned from DE

Summary HTTP 10 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 74.208.230.246, located in United States and belongs to . The main domain is pfxdirect.paymentearth.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 11th 2023. Valid for: a year.

This is the only time pfxdirect.paymentearth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
10	74.208.230.246 74.208.230.246		() ()
10	1

10 74.208.230.246 (United States)

ASN- ()
PTR: u20861267.onlinehome-server.com

pfxdirect.paymentearth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	paymentearth.com pfxdirect.paymentearth.com	2 MB
10	1

	Domain	Requested by
10	pfxdirect.paymentearth.com	pfxdirect.paymentearth.com
10	1

This site contains links to these domains. Also see Links.

Domain
paymentearth.us13.list-manage.com
paymentearth.com

Subject Issuer	Validity	Valid
pfxdirect.paymentearth.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-11` - `2024-02-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pfxdirect.paymentearth.com/
Frame ID: CE9888F6E0DAFE73FC0E88EAAA5A6D45
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PFX Online

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

10
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1787 kB
Transfer

1778 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://paymentearth.us13.list-manage.com/subscribe?u=5bf7b4b9ae43aec1edeb5b8a7&id=f8213b9188
Title: Sign up for our market updates

Search URL Search Domain Scan URL

URL: https://paymentearth.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
pfxdirect.paymentearth.com/ 44 KB
45 KB 778ms
270ms Document
text/html 74.208.230.246

General

Check archive.org

Show headers Download Go to

Full URL

https://pfxdirect.paymentearth.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

74.208.230.246 , United States, ASN (),

Reverse DNS

u20861267.onlinehome-server.com

Software

Microsoft-IIS/8.5 www.nexolink.com / www.nexolink.com

Resource Hash

986fafefff79705348d2c92e2852710611e82d10e550e30a690cb1552f87635e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; img-src 'self'; font-src 'self' http://fonts.gstatic.com; connect-src 'self' https://pfxonline.paymentearth.com/ https://ipv4.icanhazip.com/ https://api.ipify.org/ https://pfxdirect.paymentearth.com/e2eAPIReact/; form-action 'self'; child-src 'self'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store
Content-Length: 44700
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; img-src 'self'; font-src 'self' http://fonts.gstatic.com; connect-src 'self' https://pfxonline.paymentearth.com/ https://ipv4.icanhazip.com/ https://api.ipify.org/ https://pfxdirect.paymentearth.com/e2eAPIReact/; form-action 'self'; child-src 'self'
Content-Type: text/html; charset=utf-8
Date: Mon, 12 Feb 2024 14:50:42 GMT
ETag: 2017E2EFXOnline
Expires: -1
Pragma: no-cache
Server: Microsoft-IIS/8.5 www.nexolink.com
Strict-Transport-Security: max-age=31536000;
X-Powered-By: www.nexolink.com
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK NunitoSans-Regular.woff2
pfxdirect.paymentearth.com/fonts/ 33 KB
34 KB 600ms
363ms Font
application/font-woff2 74.208.230.246

General

Check archive.org

Show headers Download Go to

Full URL

https://pfxdirect.paymentearth.com/fonts/NunitoSans-Regular.woff2

Requested by

Host: pfxdirect.paymentearth.com
URL: https://pfxdirect.paymentearth.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

74.208.230.246 , United States, ASN (),

Reverse DNS

u20861267.onlinehome-server.com

Software

Microsoft-IIS/8.5, www.nexolink.com / www.nexolink.com

Resource Hash

0cdf90da6a073da50ac8df3c6911dea1eb3dd0cb146d267b47d9eaea6fbacea3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; img-src 'self'; font-src 'self' http://fonts.gstatic.com; connect-src 'self' https://pfxonline.paymentearth.com/ https://ipv4.icanhazip.com/ https://api.ipify.org/ https://pfxdirect.paymentearth.com/e2eAPIReact/; form-action 'self'; child-src 'self'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pfxdirect.paymentearth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000;
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; img-src 'self'; font-src 'self' http://fonts.gstatic.com; connect-src 'self' https://pfxonline.paymentearth.com/ https://ipv4.icanhazip.com/ https://api.ipify.org/ https://pfxdirect.paymentearth.com/e2eAPIReact/; form-action 'self'; child-src 'self'
Date: Mon, 12 Feb 2024 14:50:42 GMT
Last-Modified: Mon, 06 Sep 2021 16:49:58 GMT
Server: Microsoft-IIS/8.5, www.nexolink.com
ETag: "07fe0393fa3d71:0",2017E2EFXOnline
X-Powered-By: www.nexolink.com
x-frame-options: SAMEORIGIN
Content-Type: application/font-woff2
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 33792
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK basecss
pfxdirect.paymentearth.com/css/ 150 KB
151 KB 261ms
132ms Stylesheet
text/css 74.208.230.246

General

Check archive.org

Show headers Download Go to

Full URL

https://pfxdirect.paymentearth.com/css/basecss?v=jGTnowp2aCmACFw8VzmY_9u0KbAyM8PqH4zpCQ5eO7Y1

Requested by

Host: pfxdirect.paymentearth.com
URL: https://pfxdirect.paymentearth.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

74.208.230.246 , United States, ASN (),

Reverse DNS

u20861267.onlinehome-server.com

Software

Microsoft-IIS/8.5, www.nexolink.com / www.nexolink.com

Resource Hash

1ffb235b12682d11e2b509691f5efe0d8ed19a9e783e5d4830c71dc6e6ff0d45

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; img-src 'self'; font-src 'self' http://fonts.gstatic.com; connect-src 'self' https://pfxonline.paymentearth.com/ https://ipv4.icanhazip.com/ https://api.ipify.org/ https://pfxdirect.paymentearth.com/e2eAPIReact/; form-action 'self'; child-src 'self'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pfxdirect.paymentearth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000;
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; img-src 'self'; font-src 'self' http://fonts.gstatic.com; connect-src 'self' https://pfxonline.paymentearth.com/ https://ipv4.icanhazip.com/ https://api.ipify.org/ https://pfxdirect.paymentearth.com/e2eAPIReact/; form-action 'self'; child-src 'self'
Date: Mon, 12 Feb 2024 14:50:42 GMT
Last-Modified: Mon, 12 Feb 2024 14:50:43 GMT
Server: Microsoft-IIS/8.5, www.nexolink.com
ETag: 2017E2EFXOnline
X-Powered-By: www.nexolink.com
Vary: User-Agent
x-frame-options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Cache-Control: public
Content-Length: 153838
x-xss-protection: 1; mode=block
Expires: Tue, 11 Feb 2025 14:50:43 GMT

GET
H/1.1 200
OK basejs Show response
pfxdirect.paymentearth.com/js/ 1 MB
1 MB 598ms
360ms Script
text/javascript 74.208.230.246

General

Check archive.org

Show headers Download Go to

Full URL

https://pfxdirect.paymentearth.com/js/basejs?v=JradTmDVo0i0aztLfIwWe19Ol3-t8t6bthyDpC8RP4k1

Requested by

Host: pfxdirect.paymentearth.com
URL: https://pfxdirect.paymentearth.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

74.208.230.246 , United States, ASN (),

Reverse DNS

u20861267.onlinehome-server.com

Software

Microsoft-IIS/8.5, www.nexolink.com / www.nexolink.com

Resource Hash

c351ff7146ff7e05ab6f683c4793b9839a3dcec38540ec4aefb44c081b821ec6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; img-src 'self'; font-src 'self' http://fonts.gstatic.com; connect-src 'self' https://pfxonline.paymentearth.com/ https://ipv4.icanhazip.com/ https://api.ipify.org/ https://pfxdirect.paymentearth.com/e2eAPIReact/; form-action 'self'; child-src 'self'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pfxdirect.paymentearth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000;
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; img-src 'self'; font-src 'self' http://fonts.gstatic.com; connect-src 'self' https://pfxonline.paymentearth.com/ https://ipv4.icanhazip.com/ https://api.ipify.org/ https://pfxdirect.paymentearth.com/e2eAPIReact/; form-action 'self'; child-src 'self'
Date: Mon, 12 Feb 2024 14:50:42 GMT
Last-Modified: Mon, 12 Feb 2024 14:50:43 GMT
Server: Microsoft-IIS/8.5, www.nexolink.com
ETag: 2017E2EFXOnline
X-Powered-By: www.nexolink.com
Vary: User-Agent
x-frame-options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Content-Length: 1077463
x-xss-protection: 1; mode=block
Expires: Tue, 11 Feb 2025 14:50:43 GMT

GET
H/1.1 200
OK logo-large-paymentearth-fx.png
pfxdirect.paymentearth.com/img/ 6 KB
7 KB 497ms
254ms Image
image/png 74.208.230.246

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pfxdirect.paymentearth.com/img/logo-large-paymentearth-fx.png

Requested by

Host: pfxdirect.paymentearth.com
URL: https://pfxdirect.paymentearth.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

74.208.230.246 , United States, ASN (),

Reverse DNS

u20861267.onlinehome-server.com

Software

Microsoft-IIS/8.5, www.nexolink.com / www.nexolink.com

Resource Hash

c7045f9b74cf950255f2cb3f10762640e30e61af94b0280ab56b90a6d3205e48

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; img-src 'self'; font-src 'self' http://fonts.gstatic.com; connect-src 'self' https://pfxonline.paymentearth.com/ https://ipv4.icanhazip.com/ https://api.ipify.org/ https://pfxdirect.paymentearth.com/e2eAPIReact/; form-action 'self'; child-src 'self'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pfxdirect.paymentearth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000;
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; img-src 'self'; font-src 'self' http://fonts.gstatic.com; connect-src 'self' https://pfxonline.paymentearth.com/ https://ipv4.icanhazip.com/ https://api.ipify.org/ https://pfxdirect.paymentearth.com/e2eAPIReact/; form-action 'self'; child-src 'self'
Date: Mon, 12 Feb 2024 14:50:42 GMT
Last-Modified: Mon, 06 Sep 2021 16:50:04 GMT
Server: Microsoft-IIS/8.5, www.nexolink.com
ETag: "06743d3fa3d71:0",2017E2EFXOnline
X-Powered-By: www.nexolink.com
x-frame-options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 6183
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK logo-paymentearth-fx-footer.png
pfxdirect.paymentearth.com/img/ 5 KB
5 KB 406ms
270ms Image
image/png 74.208.230.246

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pfxdirect.paymentearth.com/img/logo-paymentearth-fx-footer.png

Requested by

Host: pfxdirect.paymentearth.com
URL: https://pfxdirect.paymentearth.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

74.208.230.246 , United States, ASN (),

Reverse DNS

u20861267.onlinehome-server.com

Software

Microsoft-IIS/8.5, www.nexolink.com / www.nexolink.com

Resource Hash

5e1c9d5bb6dd4d4939e9961e61ff4f68b865a224acd073c414042bd490fee6a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; img-src 'self'; font-src 'self' http://fonts.gstatic.com; connect-src 'self' https://pfxonline.paymentearth.com/ https://ipv4.icanhazip.com/ https://api.ipify.org/ https://pfxdirect.paymentearth.com/e2eAPIReact/; form-action 'self'; child-src 'self'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pfxdirect.paymentearth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000;
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; img-src 'self'; font-src 'self' http://fonts.gstatic.com; connect-src 'self' https://pfxonline.paymentearth.com/ https://ipv4.icanhazip.com/ https://api.ipify.org/ https://pfxdirect.paymentearth.com/e2eAPIReact/; form-action 'self'; child-src 'self'
Date: Mon, 12 Feb 2024 14:50:42 GMT
Last-Modified: Mon, 06 Sep 2021 16:50:04 GMT
Server: Microsoft-IIS/8.5, www.nexolink.com
ETag: "06743d3fa3d71:0",2017E2EFXOnline
X-Powered-By: www.nexolink.com
x-frame-options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 4682
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK app.js Show response
pfxdirect.paymentearth.com/js/ 565 B
1 KB 127ms
127ms Script
text/javascript 74.208.230.246

General

Check archive.org

Show headers Download Go to

Full URL

https://pfxdirect.paymentearth.com/js/app.js

Requested by

Host: pfxdirect.paymentearth.com
URL: https://pfxdirect.paymentearth.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

74.208.230.246 , United States, ASN (),

Reverse DNS

u20861267.onlinehome-server.com

Software

Microsoft-IIS/8.5, www.nexolink.com / www.nexolink.com

Resource Hash

e5be397281b115419c145fbcc65d6cf16aa1fa9c41357a9e28e636c4890a75d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; img-src 'self'; font-src 'self' http://fonts.gstatic.com; connect-src 'self' https://pfxonline.paymentearth.com/ https://ipv4.icanhazip.com/ https://api.ipify.org/ https://pfxdirect.paymentearth.com/e2eAPIReact/; form-action 'self'; child-src 'self'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pfxdirect.paymentearth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000;
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; img-src 'self'; font-src 'self' http://fonts.gstatic.com; connect-src 'self' https://pfxonline.paymentearth.com/ https://ipv4.icanhazip.com/ https://api.ipify.org/ https://pfxdirect.paymentearth.com/e2eAPIReact/; form-action 'self'; child-src 'self'
Date: Mon, 12 Feb 2024 14:50:42 GMT
Last-Modified: Mon, 06 Sep 2021 16:50:20 GMT
Server: Microsoft-IIS/8.5, www.nexolink.com
ETag: "06efd463fa3d71:0",2017E2EFXOnline
X-Powered-By: www.nexolink.com
x-frame-options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 565
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK NunitoSans-Regular.woff2
pfxdirect.paymentearth.com/fonts/ 33 KB
34 KB 121ms
120ms Font
application/font-woff2 74.208.230.246

General

Check archive.org

Show headers Download Go to

Full URL

https://pfxdirect.paymentearth.com/fonts/NunitoSans-Regular.woff2

Requested by

Host: pfxdirect.paymentearth.com
URL: https://pfxdirect.paymentearth.com/css/basecss?v=jGTnowp2aCmACFw8VzmY_9u0KbAyM8PqH4zpCQ5eO7Y1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

74.208.230.246 , United States, ASN (),

Reverse DNS

u20861267.onlinehome-server.com

Software

Microsoft-IIS/8.5, www.nexolink.com / www.nexolink.com

Resource Hash

0cdf90da6a073da50ac8df3c6911dea1eb3dd0cb146d267b47d9eaea6fbacea3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; img-src 'self'; font-src 'self' http://fonts.gstatic.com; connect-src 'self' https://pfxonline.paymentearth.com/ https://ipv4.icanhazip.com/ https://api.ipify.org/ https://pfxdirect.paymentearth.com/e2eAPIReact/; form-action 'self'; child-src 'self'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pfxdirect.paymentearth.com/css/basecss?v=jGTnowp2aCmACFw8VzmY_9u0KbAyM8PqH4zpCQ5eO7Y1
Origin: https://pfxdirect.paymentearth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000;
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; img-src 'self'; font-src 'self' http://fonts.gstatic.com; connect-src 'self' https://pfxonline.paymentearth.com/ https://ipv4.icanhazip.com/ https://api.ipify.org/ https://pfxdirect.paymentearth.com/e2eAPIReact/; form-action 'self'; child-src 'self'
Date: Mon, 12 Feb 2024 14:50:44 GMT
Last-Modified: Mon, 06 Sep 2021 16:49:58 GMT
Server: Microsoft-IIS/8.5, www.nexolink.com
ETag: "07fe0393fa3d71:0",2017E2EFXOnline
X-Powered-By: www.nexolink.com
x-frame-options: SAMEORIGIN
Content-Type: application/font-woff2
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 33792
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK fontawesome-webfont.woff2
pfxdirect.paymentearth.com/fonts/ 75 KB
76 KB 140ms
140ms Font
application/font-woff2 74.208.230.246

General

Check archive.org

Show headers Download Go to

Full URL

https://pfxdirect.paymentearth.com/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: pfxdirect.paymentearth.com
URL: https://pfxdirect.paymentearth.com/css/basecss?v=jGTnowp2aCmACFw8VzmY_9u0KbAyM8PqH4zpCQ5eO7Y1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

74.208.230.246 , United States, ASN (),

Reverse DNS

u20861267.onlinehome-server.com

Software

Microsoft-IIS/8.5, www.nexolink.com / www.nexolink.com

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; img-src 'self'; font-src 'self' http://fonts.gstatic.com; connect-src 'self' https://pfxonline.paymentearth.com/ https://ipv4.icanhazip.com/ https://api.ipify.org/ https://pfxdirect.paymentearth.com/e2eAPIReact/; form-action 'self'; child-src 'self'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pfxdirect.paymentearth.com/css/basecss?v=jGTnowp2aCmACFw8VzmY_9u0KbAyM8PqH4zpCQ5eO7Y1
Origin: https://pfxdirect.paymentearth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000;
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; img-src 'self'; font-src 'self' http://fonts.gstatic.com; connect-src 'self' https://pfxonline.paymentearth.com/ https://ipv4.icanhazip.com/ https://api.ipify.org/ https://pfxdirect.paymentearth.com/e2eAPIReact/; form-action 'self'; child-src 'self'
Date: Mon, 12 Feb 2024 14:50:44 GMT
Last-Modified: Mon, 06 Sep 2021 16:49:56 GMT
Server: Microsoft-IIS/8.5, www.nexolink.com
ETag: "052af383fa3d71:0",2017E2EFXOnline
X-Powered-By: www.nexolink.com
x-frame-options: SAMEORIGIN
Content-Type: application/font-woff2
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 77160
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK slide-paymentearth-banner-1.jpg
pfxdirect.paymentearth.com/img/background/ 379 KB
380 KB 254ms
254ms Image
image/jpeg 74.208.230.246

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pfxdirect.paymentearth.com/img/background/slide-paymentearth-banner-1.jpg

Requested by

Host: pfxdirect.paymentearth.com
URL: https://pfxdirect.paymentearth.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

74.208.230.246 , United States, ASN (),

Reverse DNS

u20861267.onlinehome-server.com

Software

Microsoft-IIS/8.5, www.nexolink.com / www.nexolink.com

Resource Hash

379a57afa39fdae9d28fa8a8694a5af2e4af9d7b14d3b72e496d0eeeef8d147b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; img-src 'self'; font-src 'self' http://fonts.gstatic.com; connect-src 'self' https://pfxonline.paymentearth.com/ https://ipv4.icanhazip.com/ https://api.ipify.org/ https://pfxdirect.paymentearth.com/e2eAPIReact/; form-action 'self'; child-src 'self'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pfxdirect.paymentearth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000;
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; img-src 'self'; font-src 'self' http://fonts.gstatic.com; connect-src 'self' https://pfxonline.paymentearth.com/ https://ipv4.icanhazip.com/ https://api.ipify.org/ https://pfxdirect.paymentearth.com/e2eAPIReact/; form-action 'self'; child-src 'self'
Date: Mon, 12 Feb 2024 14:50:44 GMT
Last-Modified: Mon, 06 Sep 2021 16:50:08 GMT
Server: Microsoft-IIS/8.5, www.nexolink.com
ETag: "060d63f3fa3d71:0",2017E2EFXOnline
X-Powered-By: www.nexolink.com
x-frame-options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 388553
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pfxdirect.paymentearth.com/	1969-12-31 23:59:59	Name: e2eFXOnlineSessionId Value: ed3aevsbsokx3rg1kyunmvcu
pfxdirect.paymentearth.com/	1970-01-21 03:09:31	Name: e2efxFirstVisitFirstVisit Value: 0
pfxdirect.paymentearth.com/	1969-12-31 23:59:59	Name: __AntiXsrfTokenC Value: 18b2bc880563468d8a489bd85dd42dca
pfxdirect.paymentearth.com/	1970-01-21 03:09:31	Name: e2efxFirstVisitId Value: e2eonlineed3aevsbsokx3rg1kyunmvcu

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://pfxdirect.paymentearth.com/js/basejs?v=JradTmDVo0i0aztLfIwWe19Ol3-t8t6bthyDpC8RP4k1(Line 3) Message: A preload for 'https://pfxdirect.paymentearth.com/fonts/NunitoSans-Regular.woff2' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
javascript	warning	URL: https://pfxdirect.paymentearth.com/ Message: The resource https://pfxdirect.paymentearth.com/fonts/NunitoSans-Regular.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com; img-src 'self'; font-src 'self' http://fonts.gstatic.com; connect-src 'self' https://pfxonline.paymentearth.com/ https://ipv4.icanhazip.com/ https://api.ipify.org/ https://pfxdirect.paymentearth.com/e2eAPIReact/; form-action 'self'; child-src 'self'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pfxdirect.paymentearth.com
74.208.230.246
0cdf90da6a073da50ac8df3c6911dea1eb3dd0cb146d267b47d9eaea6fbacea3
1ffb235b12682d11e2b509691f5efe0d8ed19a9e783e5d4830c71dc6e6ff0d45
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
379a57afa39fdae9d28fa8a8694a5af2e4af9d7b14d3b72e496d0eeeef8d147b
5e1c9d5bb6dd4d4939e9961e61ff4f68b865a224acd073c414042bd490fee6a5
986fafefff79705348d2c92e2852710611e82d10e550e30a690cb1552f87635e
c351ff7146ff7e05ab6f683c4793b9839a3dcec38540ec4aefb44c081b821ec6
c7045f9b74cf950255f2cb3f10762640e30e61af94b0280ab56b90a6d3205e48
e5be397281b115419c145fbcc65d6cf16aa1fa9c41357a9e28e636c4890a75d7

pfxdirect.paymentearth.com Open in urlscan Pro 74.208.230.246 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1787 kBTransfer

1778 kBSize

4 Cookies

2 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

4 Cookies

2 Console Messages

Security Headers

Indicators

pfxdirect.paymentearth.com Open in urlscan Pro
74.208.230.246 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1787 kB
Transfer

1778 kB
Size

4
Cookies

10 HTTP transactions
0 data transactions