urlscan.io logo urlscan.io
SecurityTrails logo

checkout.star-telegram.com Open in urlscan Pro
20.76.203.173  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t1.news.mcclatchydc.com/r/?id=ha98b7acf%2Cead91a9%2Cbb2fbd5&p1=account.star-telegram.com/subscribe/create?param=f3JBDEE=...
Effective URL: https://checkout.star-telegram.com/apps/payment/?ac_cid=DM588779&ac_bid=-1450476849&cid=eml_ret_.99mo-3mo-15.99-informed-connected-...
Submission: On January 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 23 HTTP transactions. The main IP is 20.76.203.173, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is checkout.star-telegram.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on August 19th 2020. Valid for: 2 years.
This is the only time checkout.star-telegram.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.191.76.37 16509 (AMAZON-02)
1 2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
7 20.76.203.173 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
6 107.154.132.193 19551 (INCAPSULA)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
23 9
1    54.191.76.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-191-76-37.us-west-2.compute.amazonaws.com
t1.news.mcclatchydc.com
2    2a02:26f0:6c00::210:ba81 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
account.star-telegram.com
7    20.76.203.173 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
checkout.star-telegram.com
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:812::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
6    107.154.132.193 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.132.193.ip.incapdns.net
us1-api.mppglobal.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
Domain Requested by
7 checkout.star-telegram.com checkout.star-telegram.com
6 us1-api.mppglobal.com checkout.star-telegram.com
2 accounts.google.com apis.google.com
ssl.gstatic.com
2 connect.facebook.net checkout.star-telegram.com
connect.facebook.net
2 apis.google.com checkout.star-telegram.com
apis.google.com
2 account.star-telegram.com 1 redirects checkout.star-telegram.com
1 ssl.gstatic.com accounts.google.com
1 www.facebook.com connect.facebook.net
1 t1.news.mcclatchydc.com 1 redirects
23 9

This site contains links to these domains. Also see Links.

Domain
www.star-telegram.com
Subject Issuer Validity Valid
checkout.mcclatchydc.com
Entrust Certification Authority - L1K		 2020-08-19 -
2022-09-13		 2 years crt.sh
*.apis.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-15 -
2022-01-13		 3 months crt.sh
news.bellinghamherald.com
DigiCert ECC Extended Validation Server CA		 2020-08-24 -
2022-08-24		 2 years crt.sh
accounts.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
imperva.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-09 -
2022-06-10		 6 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://checkout.star-telegram.com/apps/payment/?ac_cid=DM588779&ac_bid=-1450476849&cid=eml_ret_.99mo-3mo-15.99-informed-connected-wk2_202201
Frame ID: CA8B672EEA027D65EEB606994B8146AB
Requests: 17 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: AD10F130A43E1753C2A26DB93FAD981F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Star Telegram

Page URL History Show full URLs

  1. https://t1.news.mcclatchydc.com/r/?id=ha98b7acf%2Cead91a9%2Cbb2fbd5&p1=account.star-telegram.com/subscribe/c... HTTP 302
    https://account.star-telegram.com/subscribe/create?param=f3JBDEE=&ac_cid=DM588779&ac_bid=-1450476849&offer=NmE... HTTP 302
    https://checkout.star-telegram.com/apps/payment/?ac_cid=DM588779&ac_bid=-1450476849&cid=eml_ret_.99mo-3mo-15.99... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <iframe[^>]*accounts\.google\.com/o/oauth2
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

23
Requests

96 %
HTTPS

67 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

519 kB
Transfer

1667 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t1.news.mcclatchydc.com/r/?id=ha98b7acf%2Cead91a9%2Cbb2fbd5&p1=account.star-telegram.com/subscribe/create?param=f3JBDEE=&offer=NmEfaxcUb3lSCUJAfRI8CD8zGQVJfUs3fQVDG15QPgoUG0hQeHNFCkZBb29STx0HLisVS1BIbwUkbktLAAxDdD1DeHpJGw8%3D&cid=eml_ret_.99mo-3mo-15.99-informed-connected-wk2_202201&p2=DM588779&p3=-1450476849&s=mz5pQ-HT85kX4YezXcJbCqXTU4iDw_H5Q-ELHbXx1zs HTTP 302
    https://account.star-telegram.com/subscribe/create?param=f3JBDEE=&ac_cid=DM588779&ac_bid=-1450476849&offer=NmEfaxcUb3lSCUJAfRI8CD8zGQVJfUs3fQVDG15QPgoUG0hQeHNFCkZBb29STx0HLisVS1BIbwUkbktLAAxDdD1DeHpJGw8%3D&cid=eml_ret_.99mo-3mo-15.99-informed-connected-wk2_202201 HTTP 302
    https://checkout.star-telegram.com/apps/payment/?ac_cid=DM588779&ac_bid=-1450476849&cid=eml_ret_.99mo-3mo-15.99-informed-connected-wk2_202201 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
checkout.star-telegram.com/apps/payment/
Redirect Chain
  • https://t1.news.mcclatchydc.com/r/?id=ha98b7acf%2Cead91a9%2Cbb2fbd5&p1=account.star-telegram.com/subscribe/create?param=f3JBDEE=&offer=NmEfaxcUb3lSCUJAfRI8CD8zGQVJfUs3fQVDG15QPgoUG0hQeHNFCkZBb29STx...
  • https://account.star-telegram.com/subscribe/create?param=f3JBDEE=&ac_cid=DM588779&ac_bid=-1450476849&offer=NmEfaxcUb3lSCUJAfRI8CD8zGQVJfUs3fQVDG15QPgoUG0hQeHNFCkZBb29STx0HLisVS1BIbwUkbktLAAxDdD1DeH...
  • https://checkout.star-telegram.com/apps/payment/?ac_cid=DM588779&ac_bid=-1450476849&cid=eml_ret_.99mo-3mo-15.99-informed-connected-wk2_202201
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://checkout.star-telegram.com/apps/payment/?ac_cid=DM588779&ac_bid=-1450476849&cid=eml_ret_.99mo-3mo-15.99-informed-connected-wk2_202201
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.76.203.173 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e83d4103d5a08ee59708b55d4bf32e1c8cf7579deff6f80cbcad67b1048bdedf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 16:07:02 GMT
accept-ranges
bytes
etag
"0978ba1376cd71:0"
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
date
Wed, 05 Jan 2022 19:57:52 GMT
content-length
992

Redirect headers

x-powered-by
Express
x-env
prod
x-frame-options
DENY DENY
content-security-policy
frame-ancestors eedition.star-telegram.com
cache-control
public, max-age=900, unique
expires
Wed, 05 Jan 2022 20:12:51 GMT
location
https://checkout.star-telegram.com/apps/payment/?ac_cid=DM588779&ac_bid=-1450476849&cid=eml_ret_.99mo-3mo-15.99-informed-connected-wk2_202201#/?guid=808170cda69e42649c5a7a6c3c5bdf20
content-type
text/html; charset=utf-8
content-length
422
date
Wed, 05 Jan 2022 19:57:52 GMT
main.min.css
checkout.star-telegram.com/css/ 		206 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://checkout.star-telegram.com/css/main.min.css
Requested by
Host: checkout.star-telegram.com
URL: https://checkout.star-telegram.com/apps/payment/?ac_cid=DM588779&ac_bid=-1450476849&cid=eml_ret_.99mo-3mo-15.99-informed-connected-wk2_202201
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.76.203.173 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7462356b4d60b272317657dfd4ffbfa221d3387d863a4f86751664623a645363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout.star-telegram.com/apps/payment/?ac_cid=DM588779&ac_bid=-1450476849&cid=eml_ret_.99mo-3mo-15.99-informed-connected-wk2_202201
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 19:57:52 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 16:07:06 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0f1eda3376cd71:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
34728
all.js
checkout.star-telegram.com/apps/payment/js/ 		799 KB
207 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkout.star-telegram.com/apps/payment/js/all.js
Requested by
Host: checkout.star-telegram.com
URL: https://checkout.star-telegram.com/apps/payment/?ac_cid=DM588779&ac_bid=-1450476849&cid=eml_ret_.99mo-3mo-15.99-informed-connected-wk2_202201
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.76.203.173 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
34c2d21f4739dfe70913b840b2cf1971109fb912d62b476f65270d75393ec22c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout.star-telegram.com/apps/payment/?ac_cid=DM588779&ac_bid=-1450476849&cid=eml_ret_.99mo-3mo-15.99-informed-connected-wk2_202201
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 19:57:52 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 16:07:42 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"01b63b9376cd71:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
211781
platform.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js?onload=onLoadGoogleCallback
Requested by
Host: checkout.star-telegram.com
URL: https://checkout.star-telegram.com/apps/payment/?ac_cid=DM588779&ac_bid=-1450476849&cid=eml_ret_.99mo-3mo-15.99-informed-connected-wk2_202201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
17159bcdce2542377d11ee06a5d6c04469b4d977feb24a312dfbeac3529609d1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zqMRNGLX0D7fJ+hu67M19w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout.star-telegram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 19:57:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
cross-origin-opener-policy
same-origin
etag
"2560ee3be2d1c175f42e16425aeaf43d"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-zqMRNGLX0D7fJ+hu67M19w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Wed, 05 Jan 2022 19:57:52 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: checkout.star-telegram.com
URL: https://checkout.star-telegram.com/apps/payment/js/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3284c7d89b4c067c6dcdc32359b537e86ec3b23920246d5a9d61692f0f34ca34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout.star-telegram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
BaXQoBcncogWQYr5Hxdv8w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
S7Og4dhNEtekTEkRoihVsrns8wkOxrWEnz9cYNjVAIEBd4zvLtCEEoEJ11MvW2jQ5LXnL4v7xmme0KdXHEE3Dg==
x-fb-trip-id
686109401
x-fb-content-md5
cca85f189fc5cdf5d35edfa187013664
x-frame-options
DENY
date
Wed, 05 Jan 2022 19:57:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"5807dcf4086cbadd045c75a57e5880da"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 05 Jan 2022 20:11:33 GMT
locale-en-us.json
checkout.star-telegram.com/modules/mpp/_core/locale/ 		28 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://checkout.star-telegram.com/modules/mpp/_core/locale/locale-en-us.json
Requested by
Host: checkout.star-telegram.com
URL: https://checkout.star-telegram.com/apps/payment/js/all.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.76.203.173 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d1b4c569f8b58b11ecb29e62c57bc3e90d41e097e5afdbb25398fe8ec57070e9

Request headers

Accept
application/json, text/plain, */*
Referer
https://checkout.star-telegram.com/apps/payment/?ac_cid=DM588779&ac_bid=-1450476849&cid=eml_ret_.99mo-3mo-15.99-informed-connected-wk2_202201
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 19:57:52 GMT
last-modified
Mon, 28 Jun 2021 16:06:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0b6959b376cd71:0"
content-type
application/json
accept-ranges
bytes
content-length
28925
mpp
account.star-telegram.com/api/configs/ 		450 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://account.star-telegram.com/api/configs/mpp
Requested by
Host: checkout.star-telegram.com
URL: https://checkout.star-telegram.com/apps/payment/js/all.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ Express
Resource Hash
df5c2c0aba6821732a4f4e71875e3a4a24d1d2e5ee3a25c5d0b44b7a5a8ee9f7
Security Headers
Name Value
Content-Security-Policy frame-ancestors eedition.star-telegram.com
X-Frame-Options DENY, DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://checkout.star-telegram.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
frame-ancestors eedition.star-telegram.com
x-env
prod
x-powered-by
Express
etag
W/"1c2-XiUKAnMgi3JqEF5nBg0krBcu4ec"
x-frame-options
DENY, DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
https://checkout.star-telegram.com
cache-control
public, max-age=900, unique
date
Wed, 05 Jan 2022 19:57:55 GMT
content-length
450
expires
Wed, 05 Jan 2022 20:12:55 GMT
logo.svg
checkout.star-telegram.com/images/star-telegram/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://checkout.star-telegram.com/images/star-telegram/logo.svg
Requested by
Host: checkout.star-telegram.com
URL: https://checkout.star-telegram.com/apps/payment/?ac_cid=DM588779&ac_bid=-1450476849&cid=eml_ret_.99mo-3mo-15.99-informed-connected-wk2_202201
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.76.203.173 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
68a30ece93aba19195b47679e55ea5d10900ffe2a9803fda778b6c7a10d37e77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout.star-telegram.com/apps/payment/?ac_cid=DM588779&ac_bid=-1450476849&cid=eml_ret_.99mo-3mo-15.99-informed-connected-wk2_202201
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 19:57:52 GMT
last-modified
Mon, 28 Jun 2021 16:07:10 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"04b50a6376cd71:0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
6805
mcclatchy-sans-semi.woff
checkout.star-telegram.com/fonts/mcclatchy/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://checkout.star-telegram.com/fonts/mcclatchy/mcclatchy-sans-semi.woff
Requested by
Host: checkout.star-telegram.com
URL: https://checkout.star-telegram.com/css/main.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.76.203.173 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
21891543f19b0f6f617591cd5b4624a09f0d74d01b3e9836bca0af56ddea6973

Request headers

Referer
https://checkout.star-telegram.com/css/main.min.css
Origin
https://checkout.star-telegram.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 19:57:52 GMT
last-modified
Mon, 28 Jun 2021 16:06:50 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"089649a376cd71:0"
content-type
font/x-woff
accept-ranges
bytes
content-length
29264
mcclatchy-sans-regular.woff
checkout.star-telegram.com/fonts/mcclatchy/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://checkout.star-telegram.com/fonts/mcclatchy/mcclatchy-sans-regular.woff
Requested by
Host: checkout.star-telegram.com
URL: https://checkout.star-telegram.com/css/main.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.76.203.173 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7ddc1f3125c1c3c3e6cb0422f65eedddac57fc4716d5a88e4c947b0065a8ae95

Request headers

Referer
https://checkout.star-telegram.com/css/main.min.css
Origin
https://checkout.star-telegram.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 19:57:52 GMT
last-modified
Mon, 28 Jun 2021 16:06:50 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"089649a376cd71:0"
content-type
font/x-woff
accept-ranges
bytes
content-length
29244
sdk.js
connect.facebook.net/en_US/ 		290 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=459a72cc79b55f26daf42c40dd80ced6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
95754316846612d3cdbd0e71c4388a1caba9ad4e988856a01ab86338e965e613
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://checkout.star-telegram.com/
Origin
https://checkout.star-telegram.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
nQUQyyQVJszPjPMIYkFF8A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
83430
x-fb-rlafr
0
x-fb-debug
aVBhQwO6/YtG1n33jFdGyuvNCKTejQxtXl1IjYQ5LQrepXoACnfykUYsM+3lyv0KUY9l1afoTH8FKphnnO651g==
x-fb-trip-id
686109401
x-fb-content-md5
9e22ec9a604976ec732cb3fe560e1218
x-frame-options
DENY
date
Wed, 05 Jan 2022 19:57:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"5da68e02d8ba7769ae5b3e16fd6d6290"
timing-allow-origin
*
expires
Thu, 05 Jan 2023 18:05:33 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/ 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=onLoadGoogleCallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85c0bfa70bb79afae7106ee2b51a05afe0fa6d5bf7be550fff2082d6445c22b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout.star-telegram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 19:54:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35194
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 04:25:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 19:54:40 GMT
iframe
accounts.google.com/o/oauth2/ Frame AD10 		513 B
902 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7ee3b4d8f008016211a89e7c8fe78e11c9f47e933c177f1bd3065025b5992b6c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gJugGUs5fpRZm7ajkoUUmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://checkout.star-telegram.com/

Response headers

content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 05 Jan 2022 19:57:55 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-gJugGUs5fpRZm7ajkoUUmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
VerifyActiveSession
us1-api.mppglobal.com/interface/Mpp/eDeveloper/v8/eDeveloper.json.svc/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us1-api.mppglobal.com/interface/Mpp/eDeveloper/v8/eDeveloper.json.svc/VerifyActiveSession
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.132.193 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.132.193.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-sessionid,x-tokenid
Origin
https://checkout.star-telegram.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
private
server
Microsoft-IIS/10.0
x-stackifyid
V2|7c03796b-66ed-4d85-90d7-1dae2d3176af|C65747|CD72
access-control-allow-origin
https://checkout.star-telegram.com
access-control-request-method
POST,OPTIONS
access-control-allow-headers
X-SessionId,X-TokenId,Accept,Content-Type,x-requested-with
access-control-expose-headers
X-SessionId
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Wed, 05 Jan 2022 19:57:55 GMT
content-length
0
x-cdn
Imperva
x-iinfo
11-89525277-89525280 NNNN CT(-1 -1 2) RT(1641412675369 0) q(0 0 4 4) r(5 5) U5
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=234351110366085&input_token&origin=1&redirect_uri=https%3A%2F%2Fcheckout.star-telegram.com%2Fapps%2Fpayment%2F%3Fac_cid%3DDM588779%26ac_bid%3D-1450476849%26cid%3Deml_ret_.99mo-3mo-15.99-informed-connected-wk2_202201%23%2F%3Fguid%3D808170cda69e42649c5a7a6c3c5bdf20&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=459a72cc79b55f26daf42c40dd80ced6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout.star-telegram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
tpN4ktYTs+kXvJQfgvHFICuT3YqxBS7x62vXpf0EQWr4XP+mDThAsLWYkliKVra3wfBuxKDiJ8X2sMO3AkUILg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Wed, 05 Jan 2022 19:57:55 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://checkout.star-telegram.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
VerifyActiveSession
us1-api.mppglobal.com/interface/Mpp/eDeveloper/v8/eDeveloper.json.svc/ 		89 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://us1-api.mppglobal.com/interface/Mpp/eDeveloper/v8/eDeveloper.json.svc/VerifyActiveSession
Requested by
Host: checkout.star-telegram.com
URL: https://checkout.star-telegram.com/apps/payment/js/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.132.193 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.132.193.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9222cf59ff674e049b763dbd7b267ac8dfab21b3eba027023f7e6b0b3cec3af3

Request headers

Accept
application/json, text/plain, */*
X-SessionId
808170cda69e42649c5a7a6c3c5bdf20
Referer
https://checkout.star-telegram.com/
Accept-Language
de-DE,de;q=0.9
X-TokenId
69A270FF63C54431ABD58CB5C95FA025
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 19:57:55 GMT
access-control-request-method
POST,OPTIONS
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://checkout.star-telegram.com
x-iinfo
11-89525421-89525422 PNYN RT(1641412675903 0) q(0 0 0 0) r(1 1) U5
access-control-expose-headers
X-SessionId
x-stackifyid
V2|d0e9feba-de39-4582-93eb-2bcc3ac4a542|C65747|CD72
x-cdn
Imperva
content-encoding
gzip
access-control-allow-headers
X-SessionId,X-TokenId,Accept,Content-Type,x-requested-with
cache-control
private
2013763852-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame AD10 		113 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/2013763852-idpiframe.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad66982d5e6c73df542a09d6f939bd3c8649b818f4935aa5a4f6f8e0ebb00d30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39769
x-xss-protection
0
last-modified
Fri, 10 Dec 2021 23:09:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="federated-signon-mpm-access"
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Jan 2023 15:53:11 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame AD10 		14 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fcheckout.star-telegram.com&client_id=938840581902-f6t7asf26ag15v9aca1lfo6hu9d486b1.apps.googleusercontent.com
Requested by
Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/2013763852-idpiframe.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 19:20:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
age
2246
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40
x-xss-protection
0
expires
Wed, 05 Jan 2022 20:20:29 GMT
GetConfiguration
us1-api.mppglobal.com/interface/Mpp/eDeveloper/v8/eDeveloper.json.svc/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us1-api.mppglobal.com/interface/Mpp/eDeveloper/v8/eDeveloper.json.svc/GetConfiguration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.132.193 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.132.193.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-sessionid,x-tokenid
Origin
https://checkout.star-telegram.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
private
server
Microsoft-IIS/10.0
x-stackifyid
V2|26dd58a3-23e0-4016-9948-5231be2f2c3b|C65747|CD72
access-control-allow-origin
https://checkout.star-telegram.com
access-control-request-method
POST,OPTIONS
access-control-allow-headers
X-SessionId,X-TokenId,Accept,Content-Type,x-requested-with
access-control-expose-headers
X-SessionId
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Wed, 05 Jan 2022 19:57:55 GMT
content-length
0
x-cdn
Imperva
x-iinfo
11-89525469-89525470 PNNN RT(1641412676105 0) q(0 0 0 3) r(1 1) U5
GetConfiguration
us1-api.mppglobal.com/interface/Mpp/eDeveloper/v8/eDeveloper.json.svc/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://us1-api.mppglobal.com/interface/Mpp/eDeveloper/v8/eDeveloper.json.svc/GetConfiguration
Requested by
Host: checkout.star-telegram.com
URL: https://checkout.star-telegram.com/apps/payment/js/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.132.193 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.132.193.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3d7abb48874779ab1fb762195d1a7e1c7d8ff65ffc05f634deccd42a478ef670

Request headers

Accept
application/json, text/plain, */*
X-SessionId
808170cda69e42649c5a7a6c3c5bdf20
Referer
https://checkout.star-telegram.com/
Accept-Language
de-DE,de;q=0.9
X-TokenId
69A270FF63C54431ABD58CB5C95FA025
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 19:57:55 GMT
access-control-request-method
POST,OPTIONS
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://checkout.star-telegram.com
x-iinfo
11-89525499-89525500 PNYN RT(1641412676249 0) q(0 0 0 0) r(3 3) U5
access-control-expose-headers
X-SessionId
x-stackifyid
V2|4b3a9113-ba31-4deb-841b-b94107e129aa|C65747|CD72
x-cdn
Imperva
content-encoding
gzip
access-control-allow-headers
X-SessionId,X-TokenId,Accept,Content-Type,x-requested-with
cache-control
private
VerifyActiveSession
us1-api.mppglobal.com/interface/Mpp/eDeveloper/v8/eDeveloper.json.svc/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us1-api.mppglobal.com/interface/Mpp/eDeveloper/v8/eDeveloper.json.svc/VerifyActiveSession
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.132.193 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.132.193.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-sessionid,x-tokenid
Origin
https://checkout.star-telegram.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
private
server
Microsoft-IIS/10.0
x-stackifyid
V2|2028ff5d-9bf6-46ca-909c-476fe9ea6041|C65747|CD72
access-control-allow-origin
https://checkout.star-telegram.com
access-control-request-method
POST,OPTIONS
access-control-allow-headers
X-SessionId,X-TokenId,Accept,Content-Type,x-requested-with
access-control-expose-headers
X-SessionId
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Wed, 05 Jan 2022 19:57:55 GMT
content-length
0
x-cdn
Imperva
x-iinfo
11-89525567-89525568 PNNN RT(1641412676593 0) q(0 0 0 0) r(2 2) U5
mpp
account.star-telegram.com/api/configs/ 		0
0
VerifyActiveSession
us1-api.mppglobal.com/interface/Mpp/eDeveloper/v8/eDeveloper.json.svc/ 		89 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://us1-api.mppglobal.com/interface/Mpp/eDeveloper/v8/eDeveloper.json.svc/VerifyActiveSession
Requested by
Host: checkout.star-telegram.com
URL: https://checkout.star-telegram.com/apps/payment/js/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.132.193 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.132.193.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
41de1b9530c38d81fc70d3aefae06238cbb89946e390061b932703dad947ca46

Request headers

Accept
application/json, text/plain, */*
X-SessionId
808170cda69e42649c5a7a6c3c5bdf20
Referer
https://checkout.star-telegram.com/
Accept-Language
de-DE,de;q=0.9
X-TokenId
69A270FF63C54431ABD58CB5C95FA025
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 19:57:56 GMT
access-control-request-method
POST,OPTIONS
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://checkout.star-telegram.com
x-iinfo
11-89525608-89525609 PNYN RT(1641412676732 0) q(0 0 0 0) r(1 1) U5
access-control-expose-headers
X-SessionId
x-stackifyid
V2|ff2416ce-f0bd-4631-b129-3a733ce374b1|C65747|CD72
x-cdn
Imperva
content-encoding
gzip
access-control-allow-headers
X-SessionId,X-TokenId,Accept,Content-Type,x-requested-with
cache-control
private

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
account.star-telegram.com
URL
https://account.star-telegram.com/api/configs/mpp

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| antiClickjack function| isFBIAOniOS function| getUrlParameter function| initFBIASocial function| openTwitterPopup function| twitterFlowCallback object| TwitterProvider object| IATwitterProvider undefined| pingInterval function| openApplePopup function| appleFlowCallback object| appleProvider object| CryptoJS function| initPasswordSwitch function| initStgSelect function| closeAllSelect function| initCardToggle function| toggle function| $ function| jQuery object| SocialAuth object| isGoogleLoaded function| initGoogleAuth function| onLoadGoogleCallback function| fbAsyncInit object| isTwitterLoaded object| angular object| angular1TextMask object| bootstrap function| Cleave function| clamplines object| FB object| gapi object| ___jsl object| osapi boolean| gapiLoded string| googleClientId string| facebookClientId string| twitterClientId boolean| socialConfigsLoaded

5 Cookies

Domain/Path Name / Value
.mcclatchydc.com/ Name: uuid230
Value: d6f18f57-522d-450c-baf8-829d3715f52e
.mcclatchydc.com/ Name: nlid
Value: a98b7acf|ead91a9
.star-telegram.com/ Name: ak_bmsc
Value: 7159FE9721F0618883338FBC94D65F5E~000000000000000000000000000000~YAAQfboQAgP0SMx9AQAArrvRKw6zcaBmWyk9ggZLSruJNy51NgN6t7+0EQMxj2ewjReRmFtQIk/+R3RtGD4I19+7pnQ1xfiYE5xJcZCZnAAWiLsrR7IGItD7Ih5fB05BZqbp5azbctEe4nXkhGAzJtw+4eIM0XcObClnQAEgpsySAzkUKDLM3H0Vm6CzPnNhvW+ehpxE/CExTjXfb3WZCrgz8dlq6/YjZoQjoW15RGqjjxoLNq68plqVUjR6wc8vT636sbpK22B1dfI3AaxmP92qdRVnw5oD6GkgRSAsGPkEAuVedJBOlJS1bkG4/NwbcYCDD63N2KmgGP7b+FKuvVV9iE8lm1Kp74+kC+t7yjW4MbCEq01cBllcMAAtSGPkkOJzO73K64EFww41Q+/r8rj6h9zFHlx8Pw==
.google.com/ Name: NID
Value: 511=BEoxB9HDMxuX40kkG36XyQ1KnaN2YuPpY1y6Eq32iy23Ibt_Le7GVDOuOyb5ulVv3PY3I2eig_qZRiYb4bkPIrs2vQmEBOF-tLEPdGMlz2Er6VBdcUjfI-mY2lt3Qt06SrPeKXuXCJFfsXEZrFAqWluFcfEcKYXbei62FniuIHQ
.checkout.star-telegram.com/ Name: G_ENABLED_IDPS
Value: google

3 Console Messages

Source Level URL
Text
security error URL: https://checkout.star-telegram.com/apps/payment/?ac_cid=DM588779&ac_bid=-1450476849&cid=eml_ret_.99mo-3mo-15.99-informed-connected-wk2_202201#/?guid=808170cda69e42649c5a7a6c3c5bdf20(Line 8)
Message:
The Content Security Policy directive 'frame-ancestors' is ignored when delivered via a <meta> element.
security error URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0(Line 282)
Message:
The Content Security Policy directive 'frame-ancestors' is ignored when delivered via a <meta> element.
security error URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0(Line 282)
Message:
The Content Security Policy directive 'frame-ancestors' is ignored when delivered via a <meta> element.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.star-telegram.com
accounts.google.com
apis.google.com
checkout.star-telegram.com
connect.facebook.net
ssl.gstatic.com
t1.news.mcclatchydc.com
us1-api.mppglobal.com
www.facebook.com
account.star-telegram.com
107.154.132.193
20.76.203.173
2a00:1450:4001:812::200d
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a02:26f0:6c00::210:ba81
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
54.191.76.37
17159bcdce2542377d11ee06a5d6c04469b4d977feb24a312dfbeac3529609d1
21891543f19b0f6f617591cd5b4624a09f0d74d01b3e9836bca0af56ddea6973
3284c7d89b4c067c6dcdc32359b537e86ec3b23920246d5a9d61692f0f34ca34
34c2d21f4739dfe70913b840b2cf1971109fb912d62b476f65270d75393ec22c
3d7abb48874779ab1fb762195d1a7e1c7d8ff65ffc05f634deccd42a478ef670
41de1b9530c38d81fc70d3aefae06238cbb89946e390061b932703dad947ca46
68a30ece93aba19195b47679e55ea5d10900ffe2a9803fda778b6c7a10d37e77
7462356b4d60b272317657dfd4ffbfa221d3387d863a4f86751664623a645363
7ddc1f3125c1c3c3e6cb0422f65eedddac57fc4716d5a88e4c947b0065a8ae95
7ee3b4d8f008016211a89e7c8fe78e11c9f47e933c177f1bd3065025b5992b6c
85c0bfa70bb79afae7106ee2b51a05afe0fa6d5bf7be550fff2082d6445c22b2
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
9222cf59ff674e049b763dbd7b267ac8dfab21b3eba027023f7e6b0b3cec3af3
95754316846612d3cdbd0e71c4388a1caba9ad4e988856a01ab86338e965e613
ad66982d5e6c73df542a09d6f939bd3c8649b818f4935aa5a4f6f8e0ebb00d30
d1b4c569f8b58b11ecb29e62c57bc3e90d41e097e5afdbb25398fe8ec57070e9
df5c2c0aba6821732a4f4e71875e3a4a24d1d2e5ee3a25c5d0b44b7a5a8ee9f7
e83d4103d5a08ee59708b55d4bf32e1c8cf7579deff6f80cbcad67b1048bdedf