urlscan.io logo urlscan.io
SecurityTrails logo

safetypaying.com Open in urlscan Pro
107.149.82.242  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.safetypaying.com/
Effective URL: https://safetypaying.com/
Submission: On March 18 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 26 HTTP transactions. The main IP is 107.149.82.242, located in San Jose, United States and belongs to PEGTECHINC, US. The main domain is safetypaying.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 18th 2020. Valid for: 3 months.
This is the only time safetypaying.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 107.149.82.242 54600 (PEGTECHINC)
1 2a00:1450:400... 15169 (GOOGLE)
4 103.197.70.30 134705 (ITACE-AS-...)
4 103.235.46.191 55967 (CNNIC-BAI...)
3 2a00:1450:400... 15169 (GOOGLE)
26 5
15    107.149.82.242 (San Jose, United States)

ASN54600 (PEGTECHINC, US)
www.safetypaying.com
safetypaying.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    103.197.70.30 (Hong Kong)

ASN134705 (ITACE-AS-AP Itace International Limited, HK)
www.yibet88.com
4    103.235.46.191 (Hong Kong)

ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
3    2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
14 safetypaying.com safetypaying.com
4 hm.baidu.com www.yibet88.com
safetypaying.com
4 www.yibet88.com safetypaying.com
3 fonts.gstatic.com safetypaying.com
1 fonts.googleapis.com safetypaying.com
1 www.safetypaying.com 1 redirects
26 6

This site contains links to these domains. Also see Links.

Domain
cn.wordpress.org
www.vwthemes.com
Subject Issuer Validity Valid
safetypaying.com
Let's Encrypt Authority X3		 2020-03-18 -
2020-06-16		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-02-25 -
2020-05-19		 3 months crt.sh
yibet88.com
TrustAsia TLS RSA CA		 2019-04-14 -
2020-04-13		 a year crt.sh
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-01-13 -
2020-06-25		 5 months crt.sh
*.google.com
GTS CA 1O1		 2020-02-25 -
2020-05-19		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://safetypaying.com/
Frame ID: AF3A4E43B56E357EBC9E92E35C77C150
Requests: 25 HTTP requests in this frame

Frame: https://www.yibet88.com/html/18luck.html
Frame ID: 27825EFB5CF6EB940B95682407946790
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.safetypaying.com/ HTTP 301
    https://safetypaying.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

26
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

369 kB
Transfer

1202 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.safetypaying.com/ HTTP 301
    https://safetypaying.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
safetypaying.com/
Redirect Chain
  • https://www.safetypaying.com/
  • https://safetypaying.com/
27 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://safetypaying.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.149.82.242 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx / PHP/5.6.36
Resource Hash
47dd04088258977666fc23c7792482fe1f298cb6160eb4579a4c2706db97a5d1

Request headers

:method
GET
:authority
safetypaying.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
server
nginx
date
Wed, 18 Mar 2020 12:18:57 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/5.6.36
link
<https://safetypaying.com/wp-json/>; rel="https://api.w.org/"
content-encoding
gzip

Redirect headers

status
301
server
nginx
date
Wed, 18 Mar 2020 12:18:52 GMT
content-type
text/html; charset=UTF-8
location
https://safetypaying.com/
x-powered-by
PHP/5.6.36
css
fonts.googleapis.com/ 		423 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=ZCOOL+XiaoWei%7CABeeZee%3A400%2C400i%7CPoppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CHeebo%3A100%2C300%2C400%2C500%2C700%2C800%2C900%7CSaira%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CKrub%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%7CPT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7CFira+Sans%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COverpass%7CStaatliches%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%7CMerriweather%7CDroid+Sans%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%3A400%2C400i%2C700%2C700i%2C900%2C900i%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%3A300%2C400%2C700%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CUnica+One&ver=4.9.13
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6e2545a827a4addeeebf17e129352f55770d402f9f857504a4675f70642be8b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://safetypaying.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 18 Mar 2020 12:26:56 GMT
server
ESF
date
Wed, 18 Mar 2020 12:26:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Mar 2020 12:26:56 GMT
bootstrap.css
safetypaying.com/wp-content/themes/fashion-designer/assets/css/ 		174 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safetypaying.com/wp-content/themes/fashion-designer/assets/css/bootstrap.css?ver=4.9.13
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.149.82.242 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx /
Resource Hash
fe441bfdc0ee8a4d841523d4ecb3c7880c190cdba6f53755939d94ac1f414ade

Request headers

Referer
https://safetypaying.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 18 Mar 2020 12:18:57 GMT
content-encoding
gzip
last-modified
Tue, 23 Jul 2019 08:41:56 GMT
server
nginx
etag
W/"5d36c854-2b7be"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=43200
expires
Thu, 19 Mar 2020 00:18:57 GMT
style.css
safetypaying.com/wp-content/themes/fashion-designer/ 		29 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safetypaying.com/wp-content/themes/fashion-designer/style.css?ver=4.9.13
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.149.82.242 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx /
Resource Hash
d32bf5658d75d353448def7a4e56d196e87e2f1948377329027ef2febb1a33dc

Request headers

Referer
https://safetypaying.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 18 Mar 2020 12:18:57 GMT
content-encoding
gzip
last-modified
Tue, 23 Jul 2019 08:41:56 GMT
server
nginx
etag
W/"5d36c854-720b"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=43200
expires
Thu, 19 Mar 2020 00:18:57 GMT
fontawesome-all.css
safetypaying.com/wp-content/themes/fashion-designer/assets/css/ 		42 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safetypaying.com/wp-content/themes/fashion-designer/assets/css/fontawesome-all.css?ver=4.9.13
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.149.82.242 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx /
Resource Hash
2e9d79f6358d4ea892e1a18387f7479a030f7afe6c0b4f29fb0f563b7a60f718

Request headers

Referer
https://safetypaying.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 18 Mar 2020 12:18:57 GMT
content-encoding
gzip
last-modified
Tue, 23 Jul 2019 08:41:56 GMT
server
nginx
etag
W/"5d36c854-a8dd"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=43200
expires
Thu, 19 Mar 2020 00:18:57 GMT
dashicons.min.css
safetypaying.com/wp-includes/css/ 		45 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safetypaying.com/wp-includes/css/dashicons.min.css?ver=4.9.13
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.149.82.242 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx /
Resource Hash
d0df2ff25fded9e43a0cfa5159393d4482725bfb390e8ca94f34da85b5304117

Request headers

Referer
https://safetypaying.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 18 Mar 2020 12:18:57 GMT
content-encoding
gzip
last-modified
Tue, 23 Jul 2019 08:20:46 GMT
server
nginx
etag
W/"5d36c35e-b518"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=43200
expires
Thu, 19 Mar 2020 00:18:57 GMT
jquery.js
safetypaying.com/wp-includes/js/jquery/ 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safetypaying.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.149.82.242 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Referer
https://safetypaying.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 18 Mar 2020 12:18:57 GMT
content-encoding
gzip
last-modified
Thu, 05 Sep 2019 08:50:22 GMT
server
nginx
etag
W/"5d70cc4e-17a6a"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=43200
expires
Thu, 19 Mar 2020 00:18:57 GMT
jquery-migrate.min.js
safetypaying.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safetypaying.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.149.82.242 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://safetypaying.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 18 Mar 2020 12:18:57 GMT
content-encoding
gzip
last-modified
Tue, 23 Jul 2019 08:20:46 GMT
server
nginx
etag
W/"5d36c35e-2748"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=43200
expires
Thu, 19 Mar 2020 00:18:57 GMT
custom.js
safetypaying.com/wp-content/themes/fashion-designer/assets/js/ 		2 KB
915 B 		Script
General
Check archive.org
Download Go to
Full URL
https://safetypaying.com/wp-content/themes/fashion-designer/assets/js/custom.js?ver=4.9.13
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.149.82.242 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx /
Resource Hash
bef5e4d8efaebde14f53861b9259cdf290977d99c7bcf9a82d371ec64fe15760

Request headers

Referer
https://safetypaying.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 18 Mar 2020 12:18:57 GMT
content-encoding
gzip
last-modified
Tue, 23 Jul 2019 08:41:56 GMT
server
nginx
etag
W/"5d36c854-703"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=43200
expires
Thu, 19 Mar 2020 00:18:57 GMT
SmoothScroll.js
safetypaying.com/wp-content/themes/fashion-designer/assets/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safetypaying.com/wp-content/themes/fashion-designer/assets/js/SmoothScroll.js?ver=4.9.13
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.149.82.242 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx /
Resource Hash
7dcd0802bd86365ee828836178f831e35ad9228753bfdf86f684698aad3d4b28

Request headers

Referer
https://safetypaying.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 18 Mar 2020 12:18:57 GMT
content-encoding
gzip
last-modified
Tue, 23 Jul 2019 08:41:56 GMT
server
nginx
etag
W/"5d36c854-5493"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=43200
expires
Thu, 19 Mar 2020 00:18:57 GMT
18luck.js
www.yibet88.com/js/2019/7/h/ 		1 KB
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yibet88.com/js/2019/7/h/18luck.js
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.197.70.30 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
15344349e43faa974dcd6f29d4bcedd4a0f5559965b4147ede13c6eb6d733568

Request headers

Referer
https://safetypaying.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 18 Mar 2020 12:27:07 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Jun 2019 05:56:28 GMT
Server
nginx
ETag
W/"5d184f0c-48c"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
news-aHR0cDovL2luZXdzLmd0aW1nLmNvbS9uZXdzYXBwX21hdGNoLzAvMTAwOTcwNjU4NjAvMA.jpg
safetypaying.com/wp-content/uploads/2019/08/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safetypaying.com/wp-content/uploads/2019/08/news-aHR0cDovL2luZXdzLmd0aW1nLmNvbS9uZXdzYXBwX21hdGNoLzAvMTAwOTcwNjU4NjAvMA.jpg
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.149.82.242 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx /
Resource Hash
c4703340a217b3a7bb55b6a215acb418bcbe53bf2104b88df54d54fe1d01da39

Request headers

Referer
https://safetypaying.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 18 Mar 2020 12:18:58 GMT
last-modified
Sun, 25 Aug 2019 19:03:21 GMT
server
nginx
etag
"5d62db79-9670"
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
38512
expires
Fri, 17 Apr 2020 12:18:58 GMT
bootstrap.js
safetypaying.com/wp-content/themes/fashion-designer/assets/js/ 		112 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safetypaying.com/wp-content/themes/fashion-designer/assets/js/bootstrap.js?ver=4.9.13
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.149.82.242 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx /
Resource Hash
71577fb46a22fa031506bab9c5ddb4640e38ef10a1b4959a11288b41ce4b0757

Request headers

Referer
https://safetypaying.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 18 Mar 2020 12:18:58 GMT
content-encoding
gzip
last-modified
Tue, 23 Jul 2019 08:41:56 GMT
server
nginx
etag
W/"5d36c854-1c168"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=43200
expires
Thu, 19 Mar 2020 00:18:58 GMT
wp-embed.min.js
safetypaying.com/wp-includes/js/ 		1 KB
957 B 		Script
General
Check archive.org
Download Go to
Full URL
https://safetypaying.com/wp-includes/js/wp-embed.min.js?ver=4.9.13
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.149.82.242 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer
https://safetypaying.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 18 Mar 2020 12:18:59 GMT
content-encoding
gzip
last-modified
Tue, 23 Jul 2019 10:06:06 GMT
server
nginx
etag
W/"5d36dc0e-57b"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=43200
expires
Thu, 19 Mar 2020 00:18:59 GMT
wp-emoji-release.min.js
safetypaying.com/wp-includes/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safetypaying.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.13
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.149.82.242 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx /
Resource Hash
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Referer
https://safetypaying.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 18 Mar 2020 12:19:00 GMT
content-encoding
gzip
last-modified
Tue, 23 Jul 2019 10:06:06 GMT
server
nginx
etag
W/"5d36dc0e-2efa"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=43200
expires
Thu, 19 Mar 2020 00:19:00 GMT
hm.js
hm.baidu.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?ec175d248c47a717e89d8f6bd45296ce
Requested by
Host: www.yibet88.com
URL: https://www.yibet88.com/js/2019/7/h/18luck.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
e1bf4fa03943482429b2bb1ded8e567d9a135f41161dbe873bfb7489805f6395
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://safetypaying.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 18 Mar 2020 12:27:08 GMT
Content-Encoding
gzip
Server
apache
Etag
22ca74eaca82009c08d13b06a602dcce
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
13516
18luck.js
www.yibet88.com/js/ 		2 KB
841 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yibet88.com/js/18luck.js
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.197.70.30 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
6fd04f06300b76fcc389135dfd88a4cd42ab52bfdd4390d6eb06f5dc58169a97

Request headers

Referer
https://safetypaying.com/
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 18 Mar 2020 12:27:08 GMT
Content-Encoding
gzip
Last-Modified
Sun, 18 Aug 2019 06:57:34 GMT
Server
nginx
ETag
W/"5d58f6de-622"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
main.js
www.yibet88.com/js/ 		1 KB
827 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yibet88.com/js/main.js
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.197.70.30 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
00c2fe4910e253207c1bb587dfeb8f67643dfab2026d066c382c20ed3408b13c

Request headers

Referer
https://safetypaying.com/
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 18 Mar 2020 12:27:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Apr 2019 07:58:08 GMT
Server
nginx
ETag
W/"5cb58b10-4db"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
hm.js
hm.baidu.com/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?257e4b290b3203df4d45bddc916e5e09
Requested by
Host: www.yibet88.com
URL: https://www.yibet88.com/js/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
88c7f0f59a16793e5a31bc68adbc377b88b3051787e9f24443d5ea3612d639ee
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://safetypaying.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 18 Mar 2020 12:27:08 GMT
Content-Encoding
gzip
Server
apache
Etag
7320e5e568f45774adfb9e79cae288ff
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
13507
18luck.html
www.yibet88.com/html/ Frame 2782 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.yibet88.com/html/18luck.html
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.197.70.30 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
www.yibet88.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://safetypaying.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://safetypaying.com/

Response headers

Server
nginx
Date
Wed, 18 Mar 2020 12:27:08 GMT
Content-Type
text/html
Last-Modified
Sat, 04 Jan 2020 03:01:53 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ETag
W/"5e100021-1084"
Content-Encoding
gzip
esDR31xSG-6AGleN2tWkkJUEGpA.woff2
fonts.gstatic.com/s/abeezee/v13/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/abeezee/v13/esDR31xSG-6AGleN2tWkkJUEGpA.woff2
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62ae8928e8dbd3d6479227a1f186068b10514b25a7e7173e6afa9a7b5c07f486
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=ZCOOL+XiaoWei%7CABeeZee%3A400%2C400i%7CPoppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CHeebo%3A100%2C300%2C400%2C500%2C700%2C800%2C900%7CSaira%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CKrub%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%7CPT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7CFira+Sans%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COverpass%7CStaatliches%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%7CMerriweather%7CDroid+Sans%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%3A400%2C400i%2C700%2C700i%2C900%2C900i%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%3A300%2C400%2C700%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CUnica+One&ver=4.9.13
Origin
https://safetypaying.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Mar 2020 03:34:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:57:01 GMT
server
sffe
age
1068735
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11168
x-xss-protection
0
expires
Sat, 06 Mar 2021 03:34:53 GMT
fa-solid-900.woff2
safetypaying.com/wp-content/themes/fashion-designer/assets/webfonts/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://safetypaying.com/wp-content/themes/fashion-designer/assets/webfonts/fa-solid-900.woff2
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.149.82.242 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx /
Resource Hash
62554277d07b20c6bfae7c6267b3198b4846f604a37d4085bf9f54c392210b56

Request headers

Referer
https://safetypaying.com/wp-content/themes/fashion-designer/assets/css/fontawesome-all.css?ver=4.9.13
Origin
https://safetypaying.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Mar 2020 12:19:09 GMT
last-modified
Tue, 23 Jul 2019 08:41:56 GMT
server
nginx
etag
"5d36c854-9780"
content-type
application/octet-stream
status
200
accept-ranges
bytes
content-length
38784
esDT31xSG-6AGleN2tCUkp8DOJKuGA.woff2
fonts.gstatic.com/s/abeezee/v13/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/abeezee/v13/esDT31xSG-6AGleN2tCUkp8DOJKuGA.woff2
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d7fd69a293c3d083c5a0ad4079f4f1300dec6c5f25b42bad8dc047e87914c6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=ZCOOL+XiaoWei%7CABeeZee%3A400%2C400i%7CPoppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CHeebo%3A100%2C300%2C400%2C500%2C700%2C800%2C900%7CSaira%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CKrub%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%7CPT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7CFira+Sans%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COverpass%7CStaatliches%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%7CMerriweather%7CDroid+Sans%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%3A400%2C400i%2C700%2C700i%2C900%2C900i%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%3A300%2C400%2C700%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CUnica+One&ver=4.9.13
Origin
https://safetypaying.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Mar 2020 08:50:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:49:42 GMT
server
sffe
age
1049801
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11832
x-xss-protection
0
expires
Sat, 06 Mar 2021 08:50:27 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2
fonts.gstatic.com/s/playfairdisplay/v20/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v20/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb7d97eb19604573681684dfe0fef40692a943c29f59d11e7ba9eb39242e4e3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=ZCOOL+XiaoWei%7CABeeZee%3A400%2C400i%7CPoppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CHeebo%3A100%2C300%2C400%2C500%2C700%2C800%2C900%7CSaira%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CKrub%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%7CPT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7CFira+Sans%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COverpass%7CStaatliches%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%7CMerriweather%7CDroid+Sans%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%3A400%2C400i%2C700%2C700i%2C900%2C900i%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%3A300%2C400%2C700%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CUnica+One&ver=4.9.13
Origin
https://safetypaying.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Feb 2020 23:54:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 Feb 2020 22:41:36 GMT
server
sffe
age
1945959
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
33256
x-xss-protection
0
expires
Tue, 23 Feb 2021 23:54:29 GMT
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2053087693&si=ec175d248c47a717e89d8f6bd45296ce&v=1.2.68&lv=1&sn=29199&ct=!!&tt=%E7%8B%97%E4%B8%87%E5%B9%B3%E5%8F%B0%E5%9C%A8%E7%BA%BF%E7%BD%91%E5%9D%80-%E7%8B%97%E4%B8%87app%E6%AD%A3%E5%BC%8F%E7%89%88%E4%B8%8B%E8%BD%BD-%E7%8B%97%E4%B8%87%E5%AE%A2%E6%88%B7%E7%AB%AF%E7%BD%91%E5%9D%80
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://safetypaying.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Wed, 18 Mar 2020 12:27:08 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1522047606&si=257e4b290b3203df4d45bddc916e5e09&v=1.2.68&lv=1&sn=29199&ct=!!&tt=%E7%8B%97%E4%B8%87%E5%B9%B3%E5%8F%B0%E5%9C%A8%E7%BA%BF%E7%BD%91%E5%9D%80-%E7%8B%97%E4%B8%87app%E6%AD%A3%E5%BC%8F%E7%89%88%E4%B8%8B%E8%BD%BD-%E7%8B%97%E4%B8%87%E5%AE%A2%E6%88%B7%E7%AB%AF%E7%BD%91%E5%9D%80
Requested by
Host: safetypaying.com
URL: https://safetypaying.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://safetypaying.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Wed, 18 Mar 2020 12:27:09 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _wpemojiSettings undefined| $ function| jQuery object| jQuery1124008714130337758941 function| SmoothScroll object| twemoji object| wp object| _hmt string| rz1 string| oKIBBMzA2 string| H3 string| qswImfC4 string| SLZ1 string| Er2 string| cmuRr$hp3 string| zaygNWHsn4 string| a$rcuBZ5 function| getStyle object| bootstrap boolean| _bdhm_loaded_ec175d248c47a717e89d8f6bd45296ce object| mini_tangram_log_7ode51 boolean| _bdhm_loaded_257e4b290b3203df4d45bddc916e5e09 object| mini_tangram_log_xyo60m

4 Cookies

Domain/Path Name / Value
.safetypaying.com/ Name: Hm_lpvt_257e4b290b3203df4d45bddc916e5e09
Value: 1584534429
.safetypaying.com/ Name: Hm_lvt_257e4b290b3203df4d45bddc916e5e09
Value: 1584534429
.safetypaying.com/ Name: Hm_lpvt_ec175d248c47a717e89d8f6bd45296ce
Value: 1584534429
.safetypaying.com/ Name: Hm_lvt_ec175d248c47a717e89d8f6bd45296ce
Value: 1584534429

1 Console Messages

Source Level URL
Text
console-api log URL: https://safetypaying.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
hm.baidu.com
safetypaying.com
www.safetypaying.com
www.yibet88.com
103.197.70.30
103.235.46.191
107.149.82.242
2a00:1450:4001:80b::200a
2a00:1450:4001:815::2003
00c2fe4910e253207c1bb587dfeb8f67643dfab2026d066c382c20ed3408b13c
15344349e43faa974dcd6f29d4bcedd4a0f5559965b4147ede13c6eb6d733568
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
2e9d79f6358d4ea892e1a18387f7479a030f7afe6c0b4f29fb0f563b7a60f718
47dd04088258977666fc23c7792482fe1f298cb6160eb4579a4c2706db97a5d1
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
62554277d07b20c6bfae7c6267b3198b4846f604a37d4085bf9f54c392210b56
62ae8928e8dbd3d6479227a1f186068b10514b25a7e7173e6afa9a7b5c07f486
6e2545a827a4addeeebf17e129352f55770d402f9f857504a4675f70642be8b0
6fd04f06300b76fcc389135dfd88a4cd42ab52bfdd4390d6eb06f5dc58169a97
71577fb46a22fa031506bab9c5ddb4640e38ef10a1b4959a11288b41ce4b0757
7dcd0802bd86365ee828836178f831e35ad9228753bfdf86f684698aad3d4b28
88c7f0f59a16793e5a31bc68adbc377b88b3051787e9f24443d5ea3612d639ee
8d7fd69a293c3d083c5a0ad4079f4f1300dec6c5f25b42bad8dc047e87914c6f
bb7d97eb19604573681684dfe0fef40692a943c29f59d11e7ba9eb39242e4e3b
bef5e4d8efaebde14f53861b9259cdf290977d99c7bcf9a82d371ec64fe15760
c4703340a217b3a7bb55b6a215acb418bcbe53bf2104b88df54d54fe1d01da39
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0df2ff25fded9e43a0cfa5159393d4482725bfb390e8ca94f34da85b5304117
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d32bf5658d75d353448def7a4e56d196e87e2f1948377329027ef2febb1a33dc
e1bf4fa03943482429b2bb1ded8e567d9a135f41161dbe873bfb7489805f6395
fe441bfdc0ee8a4d841523d4ecb3c7880c190cdba6f53755939d94ac1f414ade