Submitted URL: https://www.payseur.org/
Effective URL: https://payseur.org/
Submission: On February 27 via automatic, source certstream-suspicious

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 20 HTTP transactions. The main IP is 54.81.238.129, located in United States and belongs to AMAZON-AES, US. The main domain is payseur.org.
TLS certificate: Issued by R3 on December 7th 2020. Valid for: 3 months.
This is the only time payseur.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 54.81.238.129 14618 (AMAZON-AES)
1 2600:9000:20d... 16509 (AMAZON-02)
1 108.167.184.194 46606 (UNIFIEDLA...)
1 174.142.60.93 32613 (IWEB-AS)
1 104.16.227.72 13335 (CLOUDFLAR...)
1 184.164.136.210 20454 (SSASN2)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 209.59.155.222 32244 (LIQUIDWEB)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 107.23.16.6 14618 (AMAZON-AES)
3 2a04:fa87:fff... 2635 (AUTOMATTIC)
20 12
Domain Requested by
5 payseur.org payseur.org
4 my.wealthyaffiliate.com payseur.org
3 secure.gravatar.com payseur.org
1 www.uni24x7.com payseur.org
1 manifestationmagic.com payseur.org
1 www.thecosmoswithlove.com payseur.org
1 www.adchiever.com payseur.org
1 static.shareasale.com payseur.org
1 www.amazingself.com payseur.org
1 www.wholesaledesignerhandbags.com payseur.org
1 cdn3.wealthyaffiliate.com payseur.org
1 www.payseur.org 1 redirects
20 12
Subject | Issuer | Validity | Valid
payseur.org | R3 | 2020-12-07 - 2021-03-07 | 3 months
*.wealthyaffiliate.com | Go Daddy Secure Certificate Authority - G2 | 2020-08-11 - 2022-10-10 | 2 years
wholesaledesignerhandbags.com | cPanel, Inc. Certification Authority | 2021-01-29 - 2021-04-29 | 3 months
amazingself.com | cPanel, Inc. Certification Authority | 2021-01-02 - 2021-04-02 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-04 - 2021-08-04 | a year
adchiever.com | Sectigo RSA Domain Validation Secure Server CA | 2020-11-26 - 2021-12-27 | a year
www.thecosmoswithlove.com | Cloudflare Inc ECC CA-3 | 2020-08-13 - 2021-08-13 | a year
manifestationmagic.com | cPanel, Inc. Certification Authority | 2021-01-28 - 2021-04-28 | 3 months
my.wealthyaffiliate.com | R3 | 2021-01-08 - 2021-04-08 | 3 months
*.gravatar.com | Sectigo RSA Domain Validation Secure Server CA | 2020-08-14 - 2022-11-16 | 2 years

This page contains 1 frames:

Primary Page: https://payseur.org/
Frame ID: 8F64720E9CF22A734C00988B7EF2444D
Requests: 21 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

20
Requests

100 %
HTTPS

36 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

812 kB
Transfer

919 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.payseur.org/ HTTP 301
    https://payseur.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
payseur.org/
Redirect Chain
  • https://www.payseur.org/
  • https://payseur.org/
123 KB
24 KB
Document
General
Full URL
https://payseur.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
54.81.238.129 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-238-129.compute-1.amazonaws.com
Software
Apache/2.4.37 (Debian) / PHP/7.3.9
Resource Hash
f1f1b89295694aa104acc9af49be235122a75c31ebd494cccc3adb8a66623205

Request headers

Host
payseur.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Sat, 27 Feb 2021 04:02:36 GMT
Server
Apache/2.4.37 (Debian)
X-Powered-By
PHP/7.3.9
X-Pingback
https://payseur.org/xmlrpc.php
Link
<https://payseur.org/wp-json/>; rel="https://api.w.org/", <https://payseur.org/wp-json/wp/v2/pages/13>; rel="alternate"; type="application/json", <https://payseur.org/>; rel=shortlink
Vary
X-Forwarded-Proto,X-WP-CORE-VERSION,Accept-Encoding
Cache-Control
max-age=31536000
Expires
Sat, 26 Feb 2022 23:48:44 GMT
Content-Encoding
gzip
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
SiteSpeed
6666cd76f96956469e7be39d750cc7d9.raw.gz 3.34
Content-Length
24366

Redirect headers

Date
Sat, 27 Feb 2021 04:02:35 GMT
Server
Apache/2.4.37 (Debian)
Location
https://payseur.org/
Cache-Control
max-age=0
Expires
Sat, 27 Feb 2021 04:02:35 GMT
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
SiteSpeed
[expired] 3.34
Content-Length
2446
wp-emoji-release.min.js
payseur.org/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://payseur.org/wp-includes/js/wp-emoji-release.min.js?ver=5.6.2
Requested by
Host: payseur.org
URL: https://payseur.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
54.81.238.129 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-238-129.compute-1.amazonaws.com
Software
Apache/2.4.37 (Debian) /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer
https://payseur.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 04:02:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Feb 2021 16:11:19 GMT
Server
Apache/2.4.37 (Debian)
ETag
"3795-5ba84f4334910-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4662
Expires
Sat, 27 Feb 2021 04:02:36 GMT
cropped-matejko003-4.jpg
payseur.org/wp-content/uploads/2020/02/
62 KB
62 KB
Image
General
Full URL
https://payseur.org/wp-content/uploads/2020/02/cropped-matejko003-4.jpg
Requested by
Host: payseur.org
URL: https://payseur.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
54.81.238.129 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-238-129.compute-1.amazonaws.com
Software
Apache/2.4.37 (Debian) /
Resource Hash
aa7f849af70a35489946fc52e3f2ffcc5f65f69e7e02617709fdb7f194b92e11

Request headers

Referer
https://payseur.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 04:02:36 GMT
Last-Modified
Fri, 21 Feb 2020 19:26:47 GMT
Server
Apache/2.4.37 (Debian)
ETag
"f64d-59f1b00a06bc0"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
63053
Expires
Sun, 27 Feb 2022 04:02:36 GMT
wa_stop_struggling_120x600.jpg
cdn3.wealthyaffiliate.com/banners/
28 KB
29 KB
Image
General
Full URL
https://cdn3.wealthyaffiliate.com/banners/wa_stop_struggling_120x600.jpg?1597181044
Requested by
Host: payseur.org
URL: https://payseur.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:8c00:10:a6c2:b940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7fa8b9515427c6f6af2e5d9306eb67709b14397f892a7eb0efa1d2cbe89721bf

Request headers

Referer
https://payseur.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 18:34:10 GMT
via
1.1 98e6142a124268fae259e9413f391903.cloudfront.net (CloudFront)
last-modified
Tue, 19 May 2015 17:22:47 GMT
server
AmazonS3
age
811707
etag
"5641971f3b39941ad4543cc20b907337"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
content-length
28894
x-amz-cf-id
LqSC9HxHPtjeJGr2vyTSJ-jsjUHBki8q_jGHkOuPfLmsrcZ9_v54PA==
120x600.gif
www.wholesaledesignerhandbags.com/images/
32 KB
32 KB
Image
General
Full URL
https://www.wholesaledesignerhandbags.com/images/120x600.gif
Requested by
Host: payseur.org
URL: https://payseur.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.167.184.194 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
who.wholesaledesignerhandbags.com
Software
Apache /
Resource Hash
c91c40de27f170f173a9d92db2a3c443a010ea3598f1c7571e10de60e00dcac0

Request headers

Referer
https://payseur.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 04:02:36 GMT
Last-Modified
Wed, 16 Apr 2014 17:33:33 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=51
Content-Length
32585
160.gif
www.amazingself.com/images/banners/
114 KB
114 KB
Image
General
Full URL
https://www.amazingself.com/images/banners/160.gif
Requested by
Host: payseur.org
URL: https://payseur.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.142.60.93 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache /
Resource Hash
94ca54c7441cb52410d052362b92559a2cad33bfa4ffe0ff84a4f6193e5b7b49

Request headers

Referer
https://payseur.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 04:02:37 GMT
Last-Modified
Wed, 10 Feb 2016 05:27:53 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
116608
AffiliateAdsDesignThree_160x600.jpg
static.shareasale.com/image/51413/
69 KB
70 KB
Image
General
Full URL
https://static.shareasale.com/image/51413/AffiliateAdsDesignThree_160x600.jpg
Requested by
Host: payseur.org
URL: https://payseur.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.227.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06f5bf041f3b614c9d04d0f6a5d0ad3e113e9097f689390124d8ec1bc244b64d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payseur.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 04:02:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-request-id
142AC9BA974225F0
last-modified
Tue, 20 Aug 2019 23:51:18 GMT
x-amz-meta-md5-hash
40dbd21fba2b326392e7ac91a95b60b1
vary
Accept-Encoding
content-length
70958
x-amz-id-2
skHbPoOPoA0iG2ID3wclB56l4yekDjyfo6U4DlvMqQXPNQ2osQNhtz7pGawY355AchBmLxBOne4=
cf-bgj
h2pri
server
cloudflare
etag
"40dbd21fba2b326392e7ac91a95b60b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
cache-control
public, max-age=3600
cf-request-id
088340219a000010adf1045000000001
accept-ranges
bytes
cf-ray
627f02e29aae10ad-CPH
x-amz-meta-last-modified
Tue Aug 20 19:51:17 EDT 2019
expires
Sat, 27 Feb 2021 05:02:37 GMT
160x600.gif
www.adchiever.com/images/
39 KB
39 KB
Image
General
Full URL
https://www.adchiever.com/images/160x600.gif
Requested by
Host: payseur.org
URL: https://payseur.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.164.136.210 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS
server.prosperitymarketingsystem.com
Software
Apache /
Resource Hash
9fb03e629d6527bfb9008f1365c1d6cd45ce8fb51084c6e4497229e5bc447179

Request headers

Referer
https://payseur.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 04:02:34 GMT
Last-Modified
Thu, 30 Jan 2014 10:40:37 GMT
Server
Apache
P3P
CP="NOI DSP COR CUR ADMi OUR STP CNT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
39470
banner-ad-4A-160x600.png
www.thecosmoswithlove.com/hosted/images/87/dd250373bb4f32a18fce7a96e59d35/
119 KB
120 KB
Image
General
Full URL
https://www.thecosmoswithlove.com/hosted/images/87/dd250373bb4f32a18fce7a96e59d35/banner-ad-4A-160x600.png
Requested by
Host: payseur.org
URL: https://payseur.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
461eb62049da1b3a808ae59d772983efe111cdfa1dcc802298d9e92d791a2243

Request headers

Referer
https://payseur.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 04:02:36 GMT
cf-cache-status
HIT
age
4
cf-polished
origSize=122520
content-length
122330
cf-request-id
088340217d0000635f8fabb000000001
last-modified
Fri, 23 Aug 2019 02:34:05 GMT
server
cloudflare
etag
"34e72b29b5a330175cc3db9d35da89c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
AMS50-C1
accept-ranges
bytes
cf-ray
627f02e26b30635f-FRA
cf-bgj
imgq:85,h2pri,csam-hash
Affiliates-Banner-6-E.gif
manifestationmagic.com/affiliate/120by600/
48 KB
48 KB
Image
General
Full URL
https://manifestationmagic.com/affiliate/120by600/Affiliates-Banner-6-E.gif
Requested by
Host: payseur.org
URL: https://payseur.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.155.222 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
john.themanifestationmillionaire.com
Software
Apache /
Resource Hash
1aff67972b7f1be42e6bb552762b42f1483a24ebec99eb85f4216d8c6780b90a

Request headers

Referer
https://payseur.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 04:02:36 GMT
Last-Modified
Thu, 09 Apr 2020 07:43:09 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
49071
160x600.jpg
www.uni24x7.com/wp-content/uploads/2016/10/
80 KB
81 KB
Image
General
Full URL
https://www.uni24x7.com/wp-content/uploads/2016/10/160x600.jpg
Requested by
Host: payseur.org
URL: https://payseur.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfc91ee5f2ca5ded7754cfd6e867f421593965af33b42cfb113d53df853fce14

Request headers

Referer
https://payseur.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 04:02:36 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
174658
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
82303
cf-request-id
088340218000004e86bebe3000000001
last-modified
Thu, 12 Apr 2018 10:00:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ECvy8A1MTrTtVklhDPt05mEV1YSisWmQP1rfLlA2c4JoMc5r1ZHncZ%2BLleoZbuViabE%2BJa1PiXFv7YxuP3Ab0r%2B6WZn26sbgA4%2Bu1Y54H1KC5xEPCQXlKRUU3g8%3D"}]}
content-type
image/jpeg
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
627f02e268304e86-FRA
expires
Fri, 25 Jun 2021 03:31:38 GMT
wa_like_to_earn_600x600.jpg
my.wealthyaffiliate.com/banners/show/
79 KB
80 KB
Image
General
Full URL
https://my.wealthyaffiliate.com/banners/show/wa_like_to_earn_600x600.jpg
Requested by
Host: payseur.org
URL: https://payseur.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.16.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-16-6.compute-1.amazonaws.com
Software
nginx/1.15.12 /
Resource Hash
482176aa22b47353241b39e091a0fcb73c78f40ce3510227a39a9bc18d9a8440

Request headers

Referer
https://payseur.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 03:35:48 GMT
Server
nginx/1.15.12
x-amz-request-id
5G6S4N5JFG3P3Z2G
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
81266
x-amz-id-2
acczDfhLMyIpP3K5BOfOUUTOh2NleovR7rPJvtVNXf8XbCTY4iTtssMEyTn1RE7fqbrLO83C44k=
wa_making_money_exposed_200x200.jpg
my.wealthyaffiliate.com/banners/show/
16 KB
17 KB
Image
General
Full URL
https://my.wealthyaffiliate.com/banners/show/wa_making_money_exposed_200x200.jpg
Requested by
Host: payseur.org
URL: https://payseur.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.16.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-16-6.compute-1.amazonaws.com
Software
nginx/1.15.12 /
Resource Hash
270143e3819266ddb5347881cb81b3e09d4a86a5d8dc79e975c8c2e8bf4d3d5b

Request headers

Referer
https://payseur.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 03:35:48 GMT
Server
nginx/1.15.12
x-amz-request-id
6AB11628C6E25E06
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16771
x-amz-id-2
cCoGluFJUQ2cmH2jDcpIwh//zi9EJ+3dDFVYIOVEzV4in0YT1yBB7NlWm3Rdejy6Gz9GWqfGNaw=
wa_super_affiliate_250x250.jpg
my.wealthyaffiliate.com/banners/show/
25 KB
26 KB
Image
General
Full URL
https://my.wealthyaffiliate.com/banners/show/wa_super_affiliate_250x250.jpg
Requested by
Host: payseur.org
URL: https://payseur.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.16.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-16-6.compute-1.amazonaws.com
Software
nginx/1.15.12 /
Resource Hash
41f67bc1a4744b759595f480bee5d557802229e43da8beeb9fa589f8147b1da9

Request headers

Referer
https://payseur.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 03:35:48 GMT
Server
nginx/1.15.12
x-amz-request-id
3H7R4KBY6YEYDVDY
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25901
x-amz-id-2
wO/P+yAFlwxpHXO3uL6LFSpAkmuz0/O/2Nm+oskWyK3JJ+TF40xAq9bODMIPbXQnSN2IEXImFks=
wa_starter_350x350.png
my.wealthyaffiliate.com/banners/show/
54 KB
55 KB
Image
General
Full URL
https://my.wealthyaffiliate.com/banners/show/wa_starter_350x350.png
Requested by
Host: payseur.org
URL: https://payseur.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.16.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-16-6.compute-1.amazonaws.com
Software
nginx/1.15.12 /
Resource Hash
0da096d3f11e6fd385ee4b2e7df0bd1566baf76b5b48b0a720b908c6e32b35ae

Request headers

Referer
https://payseur.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 03:35:48 GMT
Server
nginx/1.15.12
x-amz-request-id
14EE14102D61F758
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
55479
x-amz-id-2
klT839e0C+m8SUP3dkPES49E5LmW8QJa7pHXjxXYuiHR+J9ZDJFsfip2aO7f7u/g5J7IJIG0rnY=
3dbdaef78efdc969ac3b5745f6c603c5.js
payseur.org/sitespeed-js/
12 KB
5 KB
Script
General
Full URL
https://payseur.org/sitespeed-js/3dbdaef78efdc969ac3b5745f6c603c5.js
Requested by
Host: payseur.org
URL: https://payseur.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
54.81.238.129 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-238-129.compute-1.amazonaws.com
Software
/
Resource Hash
a934fbb306e1463e7ddc3125fa524f49eb8733eeddfd6488319a0d6338472023

Request headers

Referer
https://payseur.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 04:02:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 26 Feb 2021 23:48:44 GMT
Content-Type
application/javascript
SiteSpeed
3dbdaef78efdc969ac3b5745f6c603c5.js.gz 3.34
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
4886
Expires
Sun, 27 Feb 2022 04:02:36 GMT
truncated
/
26 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
wordpress.png
payseur.org/wp-content/themes/twentyten/images/
794 B
1 KB
Image
General
Full URL
https://payseur.org/wp-content/themes/twentyten/images/wordpress.png
Requested by
Host: payseur.org
URL: https://payseur.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
54.81.238.129 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-238-129.compute-1.amazonaws.com
Software
Apache/2.4.37 (Debian) /
Resource Hash
61d00189e16b4ae467e9f3283ccf459d666950277c866c82f337534951b50f51

Request headers

Referer
https://payseur.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 04:02:36 GMT
Last-Modified
Mon, 28 Dec 2020 01:18:01 GMT
Server
Apache/2.4.37 (Debian)
ETag
"31a-5b77c0b918be1"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
794
Expires
Sun, 27 Feb 2022 04:02:36 GMT
8b363bee1614faf8cbe147fb178e8f83
secure.gravatar.com/avatar/
983 B
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/8b363bee1614faf8cbe147fb178e8f83?s=40&d=mm&r=g
Requested by
Host: payseur.org
URL: https://payseur.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fe72e710fa08ea724842080b779a946a2ef297a1337c14e53423fc53269fe98f

Request headers

Referer
https://payseur.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sat, 27 Feb 2021 04:02:41 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="8b363bee1614faf8cbe147fb178e8f83.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/8b363bee1614faf8cbe147fb178e8f83?s=40&d=mm&r=g>; rel="canonical"
content-length
983
expires
Sat, 27 Feb 2021 04:07:41 GMT
2f1d76ae3b18caa2fc8ea3aeb8002c68
secure.gravatar.com/avatar/
2 KB
2 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/2f1d76ae3b18caa2fc8ea3aeb8002c68?s=40&d=mm&r=g
Requested by
Host: payseur.org
URL: https://payseur.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
78728e7dfb1ac28351cc44b55f8196e7847413999a6f603add2ca6cfb337742c

Request headers

Referer
https://payseur.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sat, 27 Feb 2021 04:02:41 GMT
last-modified
Thu, 30 Jan 2020 22:38:31 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="2f1d76ae3b18caa2fc8ea3aeb8002c68.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/2f1d76ae3b18caa2fc8ea3aeb8002c68?s=40&d=mm&r=g>; rel="canonical"
content-length
1630
expires
Sat, 27 Feb 2021 04:07:41 GMT
2b28563ae9364039ba535c20279e37ab
secure.gravatar.com/avatar/
983 B
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/2b28563ae9364039ba535c20279e37ab?s=40&d=mm&r=g
Requested by
Host: payseur.org
URL: https://payseur.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca775cd8ab837239f9497e8afe90403d78cb37581c0adfe4003012d24bea020e

Request headers

Referer
https://payseur.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sat, 27 Feb 2021 04:02:41 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="2b28563ae9364039ba535c20279e37ab.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/2b28563ae9364039ba535c20279e37ab?s=40&d=mm&r=g>; rel="canonical"
content-length
983
expires
Sat, 27 Feb 2021 04:07:41 GMT

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| cookieStore
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • object| _wpemojiSettings
  • object| twemoji
  • object| wp
  • function| CountLeadingZeroes
  • function| Increment
  • function| Hashcash
  • function| HashcashBG
  • function| StartHashcashIfNecessary
  • function| myAddEventListener
  • function| getCommentForms
  • object| Sha1
  • object| Utf8
  • object| leadingZeroesTable
  • object| incrementTable
  • boolean| gHashcashStarted
  • object| addComment
  • function| loadDeferredStyles
  • function| raf

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
