urlscan.io logo urlscan.io
SecurityTrails logo

mail.vulcanpayments.com Open in urlscan Pro
185.52.150.144  Public Scan

Go To Rescan Add Verdict Report
URL: https://mail.vulcanpayments.com/
Submission Tags: phishingrod
Submission: On June 19 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 25 HTTP transactions. The main IP is 185.52.150.144, located in United States and belongs to A2HOSTING, US. The main domain is mail.vulcanpayments.com.
TLS certificate: Issued by R10 on June 18th 2024. Valid for: 3 months.
This is the only time mail.vulcanpayments.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 185.52.150.144 55293 (A2HOSTING)
3 104.18.11.207 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.17.25.14 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a03:2880:f17... 32934 (FACEBOOK)
25 8
7    185.52.150.144 (United States)

ASN55293 (A2HOSTING, US)
PTR: 185.52.150.144.static.a2webhosting.com
mail.vulcanpayments.com
vulcanpayments.com
3    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
maxcdn.bootstrapcdn.com
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
7 vulcanpayments.com
mail.vulcanpayments.com
vulcanpayments.com
232 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
ajax.googleapis.com — Cisco Umbrella Rank: 469
32 KB
3 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3406
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1286
49 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
71 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
7 KB
0 asiawebsolution.com Failed
asiawebsolution.com Failed
25 7
Domain Requested by
5 vulcanpayments.com mail.vulcanpayments.com
vulcanpayments.com
2 www.facebook.com mail.vulcanpayments.com
2 connect.facebook.net mail.vulcanpayments.com
connect.facebook.net
2 fonts.googleapis.com mail.vulcanpayments.com
2 maxcdn.bootstrapcdn.com mail.vulcanpayments.com
2 mail.vulcanpayments.com
1 cdnjs.cloudflare.com mail.vulcanpayments.com
1 ajax.googleapis.com mail.vulcanpayments.com
1 stackpath.bootstrapcdn.com mail.vulcanpayments.com
0 asiawebsolution.com Failed vulcanpayments.com
25 10

This site contains links to these domains. Also see Links.

Domain
vulcanpayments.com
vulcan.dontpanictakeout.com
wordpress.org
Subject Issuer Validity Valid
mail.lendings.loan
R10		 2024-06-18 -
2024-09-16		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-05-25 -
2024-08-23		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-28 -
2024-06-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://mail.vulcanpayments.com/
Frame ID: 7696BA8C064184432D94F87A019729F0
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

72 %
HTTPS

57 %
IPv6

7
Domains

10
Subdomains

8
IPs

3
Countries

395 kB
Transfer

1015 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mail.vulcanpayments.com/ 		22 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mail.vulcanpayments.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.52.150.144 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
185.52.150.144.static.a2webhosting.com
Software
Apache / PHP/8.1.28
Resource Hash
0f94242c2a4ff1e6df4d3661c1598728c1f568e344b3fdee78a1403cfa941cf5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
4772
Content-Type
text/html; charset=UTF-8
Date
Wed, 19 Jun 2024 06:46:29 GMT
Keep-Alive
timeout=3, max=500
Link
<https://vulcanpayments.com/wp-json/>; rel="https://api.w.org/"
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/8.1.28
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: mail.vulcanpayments.com
URL: https://mail.vulcanpayments.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mail.vulcanpayments.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 06:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
871
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
399880
cdn-cachedat
10/31/2023 18:51:50
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
89a80850cf648016f7f038802a45eac9
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
89618ff88cfabbde-WAW
cdn-requestpullsuccess
True
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.1.3/css/ 		138 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
Requested by
Host: mail.vulcanpayments.com
URL: https://mail.vulcanpayments.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mail.vulcanpayments.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 06:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1029
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
417086
cdn-cachedat
10/31/2023 18:59:19
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"04aca1f4cd3ec3c05a75a879f3be75a3"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
3f8d808ea21bb1e968cc6ea80b42e628
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
89618ff89cfdbbde-WAW
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		12 KB
785 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Overpass:200,300,400,600,700,800,900&display=swap
Requested by
Host: mail.vulcanpayments.com
URL: https://mail.vulcanpayments.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dc81212c385fde29771442c0c63e6651be445aa1103f532e3716f6a06fd17f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mail.vulcanpayments.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 19 Jun 2024 06:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 19 Jun 2024 06:46:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jun 2024 06:46:30 GMT
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Requested by
Host: mail.vulcanpayments.com
URL: https://mail.vulcanpayments.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
42d83450e41e8f068fa4afb9194a54a18715aea5923bb7a8e7381c4554abccb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mail.vulcanpayments.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 19 Jun 2024 06:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 19 Jun 2024 05:27:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jun 2024 06:46:30 GMT
custom.css
vulcanpayments.com/wp-content/themes/vulcan/css/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vulcanpayments.com/wp-content/themes/vulcan/css/custom.css
Requested by
Host: mail.vulcanpayments.com
URL: https://mail.vulcanpayments.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.52.150.144 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
185.52.150.144.static.a2webhosting.com
Software
Apache /
Resource Hash
64d5bd833f056297a4fd6863f70c87c212a61bdef4d43082ecd16eb9c0c1d5b8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mail.vulcanpayments.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 06:46:30 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Apr 2020 06:07:12 GMT
Server
Apache
Content-Encoding
gzip
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=500
Content-Length
10849
animate.css
vulcanpayments.com/wp-content/themes/vulcan/css/ 		56 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vulcanpayments.com/wp-content/themes/vulcan/css/animate.css
Requested by
Host: mail.vulcanpayments.com
URL: https://mail.vulcanpayments.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.52.150.144 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
185.52.150.144.static.a2webhosting.com
Software
Apache /
Resource Hash
59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mail.vulcanpayments.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 06:46:30 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 10 Jan 2020 08:26:36 GMT
Server
Apache
Content-Encoding
gzip
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=500
Content-Length
4344
logo.png
vulcanpayments.com/wp-content/themes/vulcan/images/ 		156 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vulcanpayments.com/wp-content/themes/vulcan/images/logo.png
Requested by
Host: mail.vulcanpayments.com
URL: https://mail.vulcanpayments.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.52.150.144 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
185.52.150.144.static.a2webhosting.com
Software
Apache /
Resource Hash
460bd44cbe5df003b558762d93de852432ed308ae19ef279d2910f0de1d055a2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mail.vulcanpayments.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 06:46:30 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 10 Jan 2020 08:46:05 GMT
Server
Apache
Content-Encoding
gzip
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/png
Transfer-Encoding
chunked
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=500
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: mail.vulcanpayments.com
URL: https://mail.vulcanpayments.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mail.vulcanpayments.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:43:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Jun 2025 02:43:55 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
Requested by
Host: mail.vulcanpayments.com
URL: https://mail.vulcanpayments.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mail.vulcanpayments.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 06:46:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
472999
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6451
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4f71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qNdEbTnr54Ahileu0QzxR5CLCfclrNzFhx94FhruCUa1czeg8%2BpTeqy9qqPyxgB8zWj66z%2FAQvoP%2FR1SqLGhOKBa6AuQ5udLKuRxpM1tDLdUudQ9hzkxD0S45iMGm2NOjkpVRNK2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89618ffc2b7c902e-FRA
expires
Mon, 09 Jun 2025 06:46:31 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by
Host: mail.vulcanpayments.com
URL: https://mail.vulcanpayments.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mail.vulcanpayments.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 06:46:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1029
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
665699
cdn-cachedat
04/08/2024 00:30:01
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"67176c242e1bdc20603c878dee836df3"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
47d8df63e0a8ed471cf424e7095a92e9
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
89618ffc5a2abbde-WAW
cdn-requestpullsuccess
True
wow.min.js
vulcanpayments.com/wp-content/themes/vulcan/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vulcanpayments.com/wp-content/themes/vulcan/js/wow.min.js
Requested by
Host: mail.vulcanpayments.com
URL: https://mail.vulcanpayments.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.52.150.144 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
185.52.150.144.static.a2webhosting.com
Software
Apache /
Resource Hash
7852a22b72ead62cfc4a1b1ca32874b3e222f232a991a6d1432313572f534135
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mail.vulcanpayments.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 06:46:31 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 10 Jan 2020 08:55:39 GMT
Server
Apache
Content-Encoding
gzip
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=499
Content-Length
2825
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: mail.vulcanpayments.com
URL: https://mail.vulcanpayments.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mail.vulcanpayments.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 19 Jun 2024 06:46:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58024
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=12, mss=1297, tbw=2800, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
fTNYy68UMPKIbKZzUpZ36qn72cfFfc1hzOg+R5mBm3zDp6GlNDyDA4n5/LTDmdqoahmC/x/bGhKnVypT0MGaDQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
arrow.png
asiawebsolution.com/vulcan/wp-content/uploads/2020/01/ 		0
0
map.png
vulcanpayments.com/wp-content/themes/vulcan/images/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vulcanpayments.com/wp-content/themes/vulcan/images/map.png
Requested by
Host: vulcanpayments.com
URL: https://vulcanpayments.com/wp-content/themes/vulcan/css/custom.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.52.150.144 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
185.52.150.144.static.a2webhosting.com
Software
Apache /
Resource Hash
57e77c0eb5da36a00a8866248e7a9730d613cffffef10b16d6c154ea21f01366
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vulcanpayments.com/wp-content/themes/vulcan/css/custom.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 06:46:31 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 10 Jan 2020 08:46:18 GMT
Server
Apache
Content-Encoding
gzip
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=499
Content-Length
47308
ArquitectaW04-Md.woff2
vulcanpayments.com/wp-content/themes/vulcan/fonts/ 		0
0
BrandonGrotesque-Bold.woff2
vulcanpayments.com/wp-content/themes/vulcan/fonts/ 		0
0
2512243455703748
connect.facebook.net/signals/config/ 		60 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2512243455703748?v=2.9.158&r=stable&domain=mail.vulcanpayments.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a2d100800f9c9342de40ed8b9137e6b26a314821f32cfe4d2f7b00362861a440
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mail.vulcanpayments.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 19 Jun 2024 06:46:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=49, rtx=4, c=41, mss=1297, tbw=63579, tp=-1, tpl=-1, uplat=190, ullat=0
pragma
public
x-fb-debug
sM7Whvrttn8GP5AAuXmep001ySR2HQHLt2ytAR3/D8l7R7nKVa++6dPdWnGfWU0MM8AUWIeCCqUN+R7Ojckuzw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ArquitectaW04-Md.woff
vulcanpayments.com/wp-content/themes/vulcan/fonts/ 		0
0
BrandonGrotesque-Bold.woff
vulcanpayments.com/wp-content/themes/vulcan/fonts/ 		0
0
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2512243455703748&ev=PageView&dl=https%3A%2F%2Fmail.vulcanpayments.com%2F&rl=&if=false&ts=1718779592539&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718779592531.561442099126823049&ler=empty&cdl=API_unavailable&it=1718779591420&coo=false&rqm=GET
Requested by
Host: mail.vulcanpayments.com
URL: https://mail.vulcanpayments.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mail.vulcanpayments.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1297, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=1
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 19 Jun 2024 06:46:32 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2512243455703748&ev=PageView&dl=https%3A%2F%2Fmail.vulcanpayments.com%2F&rl=&if=false&ts=1718779592539&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718779592531.561442099126823049&ler=empty&cdl=API_unavailable&it=1718779591420&coo=false&rqm=FGET
Requested by
Host: mail.vulcanpayments.com
URL: https://mail.vulcanpayments.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mail.vulcanpayments.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa227a88ff1334fc7","source_keys":["1","2"]},{"key_piece":"0x44891c7d9fdbe7fb","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 19 Jun 2024 06:46:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382102137095778776", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=3101, tp=-1, tpl=-1, uplat=181, ullat=0
pragma
no-cache
x-fb-debug
zmxx3FzOtJOsAg7fbcx2YIHRFLY5AMZ9ESupui0tiCs7ypRcTZSL384IZugMy4H0UCZ7fUqsNsk7XBh/m0ercw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382102137095778776"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
ArquitectaW04-Md.ttf
vulcanpayments.com/wp-content/themes/vulcan/fonts/ 		0
0
BrandonGrotesque-Bold.ttf
vulcanpayments.com/wp-content/themes/vulcan/fonts/ 		0
0
favicon.ico
mail.vulcanpayments.com/ 		22 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://mail.vulcanpayments.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.52.150.144 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
185.52.150.144.static.a2webhosting.com
Software
Apache / PHP/8.1.28
Resource Hash
d02647fbe9391992015f1930ff3445b0189f81da9fb7eefc4da9aff339c37600
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mail.vulcanpayments.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 06:46:33 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/8.1.28
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Link
<https://vulcanpayments.com/wp-json/>; rel="https://api.w.org/"
Content-Length
4779
Keep-Alive
timeout=3, max=500

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
asiawebsolution.com
URL
https://asiawebsolution.com/vulcan/wp-content/uploads/2020/01/arrow.png
Domain
vulcanpayments.com
URL
https://vulcanpayments.com/wp-content/themes/vulcan/fonts/ArquitectaW04-Md.woff2
Domain
vulcanpayments.com
URL
https://vulcanpayments.com/wp-content/themes/vulcan/fonts/BrandonGrotesque-Bold.woff2
Domain
vulcanpayments.com
URL
https://vulcanpayments.com/wp-content/themes/vulcan/fonts/ArquitectaW04-Md.woff
Domain
vulcanpayments.com
URL
https://vulcanpayments.com/wp-content/themes/vulcan/fonts/BrandonGrotesque-Bold.woff
Domain
vulcanpayments.com
URL
https://vulcanpayments.com/wp-content/themes/vulcan/fonts/ArquitectaW04-Md.ttf
Domain
vulcanpayments.com
URL
https://vulcanpayments.com/wp-content/themes/vulcan/fonts/BrandonGrotesque-Bold.ttf

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| fbq function| _fbq function| $ function| jQuery function| Popper object| bootstrap function| WOW object| wow

1 Cookies

Domain/Path Name / Value
.vulcanpayments.com/ Name: _fbp
Value: fb.1.1718779592531.561442099126823049

13 Console Messages

Source Level URL
Text
security warning URL: https://mail.vulcanpayments.com/
Message:
Mixed Content: The page at 'https://mail.vulcanpayments.com/' was loaded over HTTPS, but requested an insecure element 'http://asiawebsolution.com/vulcan/wp-content/uploads/2020/01/arrow.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript error URL: https://mail.vulcanpayments.com/
Message:
Access to font at 'https://vulcanpayments.com/wp-content/themes/vulcan/fonts/ArquitectaW04-Md.woff2' from origin 'https://mail.vulcanpayments.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://vulcanpayments.com/wp-content/themes/vulcan/fonts/ArquitectaW04-Md.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mail.vulcanpayments.com/
Message:
Access to font at 'https://vulcanpayments.com/wp-content/themes/vulcan/fonts/BrandonGrotesque-Bold.woff2' from origin 'https://mail.vulcanpayments.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://vulcanpayments.com/wp-content/themes/vulcan/fonts/BrandonGrotesque-Bold.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mail.vulcanpayments.com/
Message:
Access to font at 'https://vulcanpayments.com/wp-content/themes/vulcan/fonts/ArquitectaW04-Md.woff' from origin 'https://mail.vulcanpayments.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://vulcanpayments.com/wp-content/themes/vulcan/fonts/ArquitectaW04-Md.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mail.vulcanpayments.com/
Message:
Access to font at 'https://vulcanpayments.com/wp-content/themes/vulcan/fonts/BrandonGrotesque-Bold.woff' from origin 'https://mail.vulcanpayments.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://vulcanpayments.com/wp-content/themes/vulcan/fonts/BrandonGrotesque-Bold.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mail.vulcanpayments.com/
Message:
Access to font at 'https://vulcanpayments.com/wp-content/themes/vulcan/fonts/ArquitectaW04-Md.ttf' from origin 'https://mail.vulcanpayments.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://vulcanpayments.com/wp-content/themes/vulcan/fonts/ArquitectaW04-Md.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mail.vulcanpayments.com/
Message:
Access to font at 'https://vulcanpayments.com/wp-content/themes/vulcan/fonts/BrandonGrotesque-Bold.ttf' from origin 'https://mail.vulcanpayments.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://vulcanpayments.com/wp-content/themes/vulcan/fonts/BrandonGrotesque-Bold.ttf
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
asiawebsolution.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
mail.vulcanpayments.com
maxcdn.bootstrapcdn.com
stackpath.bootstrapcdn.com
vulcanpayments.com
www.facebook.com
asiawebsolution.com
vulcanpayments.com
104.17.25.14
104.18.11.207
185.52.150.144
2a00:1450:4001:800::200a
2a00:1450:4001:82b::200a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
0f94242c2a4ff1e6df4d3661c1598728c1f568e344b3fdee78a1403cfa941cf5
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2dc81212c385fde29771442c0c63e6651be445aa1103f532e3716f6a06fd17f7
42d83450e41e8f068fa4afb9194a54a18715aea5923bb7a8e7381c4554abccb7
460bd44cbe5df003b558762d93de852432ed308ae19ef279d2910f0de1d055a2
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
57e77c0eb5da36a00a8866248e7a9730d613cffffef10b16d6c154ea21f01366
59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a
64d5bd833f056297a4fd6863f70c87c212a61bdef4d43082ecd16eb9c0c1d5b8
7852a22b72ead62cfc4a1b1ca32874b3e222f232a991a6d1432313572f534135
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
a2d100800f9c9342de40ed8b9137e6b26a314821f32cfe4d2f7b00362861a440
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
d02647fbe9391992015f1930ff3445b0189f81da9fb7eefc4da9aff339c37600
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e