urlscan.io logo urlscan.io
SecurityTrails logo

www.mtgassist.com Open in urlscan Pro
107.154.165.29  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
Submission: On August 10 via api from LU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 16 domains to perform 45 HTTP transactions. The main IP is 107.154.165.29, located in United States and belongs to INCAPSULA, US. The main domain is www.mtgassist.com. The Cisco Umbrella rank of the primary domain is 389174.
TLS certificate: Issued by R3 on May 15th 2022. Valid for: 3 months.
This is the only time www.mtgassist.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

15    107.154.165.29 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.165.29.ip.incapdns.net
www.mtgassist.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
3    2400:52e0:1e01::883:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)
hb.vntsm.com
3    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:10::6816:2f8e (United States)

ASN13335 (CLOUDFLARENET, US)
hb.vntsm.io
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
1    99.86.4.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-6.fra6.r.cloudfront.net
ats.rlcdn.com
1    185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    2600:9000:206f:7e00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
1    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
1    143.204.215.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-6.fra53.r.cloudfront.net
geo.privacymanager.io
1    2600:9000:2057:c000:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.cmp.quantcast.com
1    2600:9000:206f:2200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    2600:9000:206f:6800:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.quantcast.com
1    3.67.149.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-149-72.eu-central-1.compute.amazonaws.com
audit-tcfv2.cmp.quantcast.com
1    2600:9000:2057:9600:0:1651:6140:21 (None, )

ASN- ()
d1oykxszdrgjgl.cloudfront.net
1    34.95.69.49 (None, )

ASN- ()
i.clean.gg
Apex Domain
Subdomains		 Transfer
15 mtgassist.com
www.mtgassist.com — Cisco Umbrella Rank: 389174
155 KB
5 quantcast.com
test.cmp.quantcast.com — Cisco Umbrella Rank: 11003
cmp.quantcast.com — Cisco Umbrella Rank: 4081
audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12594
144 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222
159 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
21 KB
3 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 22977
309 KB
2 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2578
46 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 731
70 KB
1 clean.gg
i.clean.gg Failed
1 cloudfront.net
d1oykxszdrgjgl.cloudfront.net
41 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 953
1 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1424
591 B
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 983
10 KB
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
1 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1366
37 KB
1 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 28126
742 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
45 16
Domain Requested by
15 www.mtgassist.com www.mtgassist.com
3 cmp.quantcast.com quantcast.mgr.consensu.org
hb.vntsm.com
3 securepubads.g.doubleclick.net hb.vntsm.com
securepubads.g.doubleclick.net
3 www.google-analytics.com www.mtgassist.com
www.google-analytics.com
3 hb.vntsm.com www.mtgassist.com
hb.vntsm.com
2 quantcast.mgr.consensu.org hb.vntsm.com
quantcast.mgr.consensu.org
2 maxcdn.bootstrapcdn.com www.mtgassist.com
maxcdn.bootstrapcdn.com
1 i.clean.gg hb.vntsm.com
1 d1oykxszdrgjgl.cloudfront.net hb.vntsm.com
1 audit-tcfv2.cmp.quantcast.com hb.vntsm.com
1 rules.quantcount.com secure.quantserve.com
1 test.cmp.quantcast.com hb.vntsm.com
1 geo.privacymanager.io ats.rlcdn.com
1 secure.quantserve.com quantcast.mgr.consensu.org
1 ib.adnxs.com hb.vntsm.com
1 ats.rlcdn.com hb.vntsm.com
1 stats.g.doubleclick.net www.google-analytics.com
1 hb.vntsm.io hb.vntsm.com
1 fonts.googleapis.com www.mtgassist.com
45 19

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.diabolictutor.com
Subject Issuer Validity Valid
www.hoffmancreative.mtgassist.com
R3		 2022-05-15 -
2022-08-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
*.vntsm.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-14 -
2023-04-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.cmp.quantcast.com
R3		 2022-06-24 -
2022-09-22		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2022-08-07 -
2022-11-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
Frame ID: 3E96C4B26971B883743C52BE61DD1D00
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Advanced Card Search - MTG Assist

Page URL History Show full URLs

  1. https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php Page URL
  2. https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

45
Requests

96 %
HTTPS

63 %
IPv6

16
Domains

19
Subdomains

20
IPs

4
Countries

994 kB
Transfer

3508 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php Page URL
  2. https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
signin.php
www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/ 		212 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
212
content-type
text/html
x-iinfo
13-196703269-0 0NNN RT(1660167423776 29) q(0 -1 -1 0) r(0 -1) B10(4,314,0) U18
_Incapsula_Resource
www.mtgassist.com/ 		177 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mtgassist.com/_Incapsula_Resource?SWJIYLWA=5074a744e2e3d891814e9a2dace20bd4,719d34d31c8e3a6e6fffd425f7e032f3
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
29f32407790d6b6930fdeff1a27aba8236fdb5f50617c6842ec0f08fe17769ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
26024
content-type
application/javascript
_Incapsula_Resource
www.mtgassist.com/ 		29 B
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.mtgassist.com/_Incapsula_Resource?SWHANEDL=7460170937111296612,13656915301024367399,10165846821495705526,1205049
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
29
content-type
application/javascript
Primary Request signin.php
www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/ 		50 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
Apache /
Resource Hash
9d49ad0c51ac7111aa27600795cdd4a7200aa00fca439a767b9cd291b6ccc313

Request headers

Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-length
12527
content-type
text/html; charset=utf-8
date
Wed, 10 Aug 2022 21:37:04 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding
x-cdn
Imperva
x-iinfo
13-196703269-196703293 NNNN CT(120 126 0) RT(1660167423776 168) q(0 0 2 -1) r(4 4) U11
_Incapsula_Resource
www.mtgassist.com/ 		1 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mtgassist.com/_Incapsula_Resource?SWKMTFSR=1&e=0.1688737546265413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
_Incapsula_Resource
www.mtgassist.com/ 		0
0
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:400italic,400,700
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ddec6b68f8e0e31a6e094ebe401af324a458a3174d2caf8ebe7a8ef9e6d96c65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 21:37:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 10 Aug 2022 21:37:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Aug 2022 21:37:04 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617
age
17063690
cdn-cachedat
2021-04-13 02:48:33
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3e4766ad0ddfa4bdecb1b0dc22b73ef7
cf-ray
738bdee3dece928f-FRA
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
styles_v24.css
www.mtgassist.com/styles/ 		41 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mtgassist.com/styles/styles_v24.css
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
e0d154e31e8804876ba7c8569938d629ffce434940c956481c07bc40133c5088

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:37:04 GMT
content-encoding
gzip
last-modified
Thu, 17 Jun 2021 11:49:57 GMT
x-cdn
Imperva
etag
"f7827aa4"
content-type
text/css
x-iinfo
13-196703269-0 0CNN RT(1660167423776 647) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=699013, public
content-length
10397
expires
Thu, 18 Aug 2022 23:47:17 GMT
jquery-ui-1.10.4.custom.min.css
www.mtgassist.com/js_scripts/jquery/css/flick/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mtgassist.com/js_scripts/jquery/css/flick/jquery-ui-1.10.4.custom.min.css
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
163cd32347b0ab98e2cd60e11b9659dea33237338d2151e5d7985bda94e69359

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:37:04 GMT
content-encoding
gzip
last-modified
Thu, 18 May 2017 14:43:03 GMT
x-cdn
Imperva
etag
"2c5db065"
content-type
text/css
x-iinfo
13-196703269-0 0CNN RT(1660167423776 649) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=782326, public
content-length
6349
expires
Fri, 19 Aug 2022 22:55:50 GMT
ad-manager.min.js
hb.vntsm.com/v3/live/ 		990 KB
297 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::883:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-883 /
Resource Hash
12b0b58c95b4f68138c0e7bd8ef877fd58af5d204be750dbb975c3ad1cdb43f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:37:04 GMT
content-encoding
br
cdn-edgestorageid
883
access-control-allow-origin
*
cdn-cachedat
08/10/2022 13:29:39
cdn-pullzone
131999
cdn-requestpullsuccess
True
server
BunnyCDN-AMS-883
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
last-modified
Wed, 10 Aug 2022 13:29:29 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"af9ceaaee77795ac8b9b63e0985de614"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
cdn-cache
HIT
x-bl
0
cache-control
public, max-age=86400
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid
256ab80cb3332d3a023af20a23d32ae8
cdn-requestcountrycode
DE
cdn-status
200
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
mtgassist-logo-rev.png
www.mtgassist.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mtgassist.com/images/mtgassist-logo-rev.png
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
76aed71dd53c1b95006fab01d4e9c26b12917fe7bddfbd9cf9f8d1edb285cae2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:37:04 GMT
last-modified
Tue, 15 Jun 2021 15:24:55 GMT
x-cdn
Imperva
etag
"fb4b95e7"
content-type
image/png
x-iinfo
13-196703269-0 0CNN RT(1660167423776 666) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=29553727, public
content-length
2858
expires
Tue, 18 Jul 2023 22:59:11 GMT
jquery-1.11.1.min.js
www.mtgassist.com/js_scripts/jquery/js/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mtgassist.com/js_scripts/jquery/js/jquery-1.11.1.min.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
a181a613a6eeab77259b1d6537f82fd28f4cb38fa41e43af8d1677a3542e74bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:37:04 GMT
content-encoding
gzip
last-modified
Thu, 18 May 2017 14:42:35 GMT
x-cdn
Imperva
etag
"e0d00a6c"
content-type
application/javascript
x-iinfo
13-196703269-0 0CNN RT(1660167423776 682) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=699014, public
content-length
33161
expires
Thu, 18 Aug 2022 23:47:18 GMT
jquery-ui-1.10.4.custom.min.js
www.mtgassist.com/js_scripts/jquery/js/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mtgassist.com/js_scripts/jquery/js/jquery-ui-1.10.4.custom.min.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
5399c388f01bcc2570da65a867e326faa27d8c3edc8733ba79991622e0f8a579

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:37:04 GMT
content-encoding
gzip
last-modified
Thu, 18 May 2017 14:42:36 GMT
x-cdn
Imperva
etag
"7f85ec3d"
content-type
application/javascript
x-iinfo
13-196703269-0 0CNN RT(1660167423776 683) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=609728, public
content-length
60407
expires
Wed, 17 Aug 2022 22:59:12 GMT
jquery.lazyload.min.js
www.mtgassist.com/js_scripts/jquery/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mtgassist.com/js_scripts/jquery/jquery.lazyload.min.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
ad7d8319a77e1c991ddde63231363c86f7b2d6e930294cbb98e4cc1cd8a3e9c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:37:04 GMT
content-encoding
gzip
last-modified
Thu, 18 May 2017 14:41:42 GMT
x-cdn
Imperva
etag
"66d35607"
content-type
application/javascript
x-iinfo
13-196703269-0 0CNN RT(1660167423776 684) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=609727, public
content-length
1238
expires
Wed, 17 Aug 2022 22:59:11 GMT
scripts_v9.js
www.mtgassist.com/js_scripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mtgassist.com/js_scripts/scripts_v9.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
8e02885d1f79469ee0011840af2062d3a20b915af1a2949e729563440d227f94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:37:04 GMT
content-encoding
gzip
last-modified
Sat, 23 Apr 2022 12:30:50 GMT
x-cdn
Imperva
etag
"a81ef59a"
content-type
application/javascript
x-iinfo
13-196703269-0 0CNN RT(1660167423776 685) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=699013, public
content-length
1654
expires
Thu, 18 Aug 2022 23:47:17 GMT
plus.png
www.mtgassist.com/images/ 		299 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mtgassist.com/images/plus.png
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/styles/styles_v24.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
070ff3266929b3d35ef13250d3f34a568caa8798e1ec1d05da6cfa6d86f214e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/styles/styles_v24.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:37:04 GMT
last-modified
Tue, 15 Jun 2021 15:24:55 GMT
x-cdn
Imperva
etag
"6436f152"
content-type
image/png
x-iinfo
13-196703269-0 0CNN RT(1660167423776 732) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=29673533, public
content-length
299
expires
Thu, 20 Jul 2023 08:15:57 GMT
ad_placeholder_sm.gif
www.mtgassist.com/images/ 		607 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mtgassist.com/images/ad_placeholder_sm.gif
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/styles/styles_v24.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
b8b84045ab761b4387ff0de8a05ebe71cbd7edd7a6cd9ea801155f87c189b9a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/styles/styles_v24.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:37:04 GMT
last-modified
Tue, 15 Jun 2021 15:24:55 GMT
x-cdn
Imperva
etag
"13f47831"
content-type
image/gif
x-iinfo
13-196703269-0 0CNN RT(1660167423776 733) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=29643013, public
content-length
607
expires
Wed, 19 Jul 2023 23:47:17 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin
https://www.mtgassist.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:37:04 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
756
age
14100721
cdn-proxyver
1.02
cdn-cachedat
01/30/2022 20:52:19
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64464
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
358d61b1c8a5714fe4ee9c704a14721a
accept-ranges
bytes
cf-ray
738bdee43c7b9bb9-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2104
date
Wed, 10 Aug 2022 21:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 10 Aug 2022 23:02:00 GMT
ui-bg_flat_75_ffffff_40x100.png
www.mtgassist.com/js_scripts/jquery/css/flick/images/ 		75 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mtgassist.com/js_scripts/jquery/css/flick/images/ui-bg_flat_75_ffffff_40x100.png
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/js_scripts/jquery/css/flick/jquery-ui-1.10.4.custom.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
7a12bcefbd71667211185313fb2258501463408c5aaa407ca129cdfb66cc3a7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/js_scripts/jquery/css/flick/jquery-ui-1.10.4.custom.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:37:04 GMT
last-modified
Thu, 18 May 2017 14:44:09 GMT
x-cdn
Imperva
etag
"70b406a8"
content-type
image/png
x-iinfo
13-196703269-0 0CNN RT(1660167423776 773) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=29673533, public
content-length
75
expires
Thu, 20 Jul 2023 08:15:57 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 10 Aug 2022 22:33:29 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=894005146&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2Fdb5f64b15%2Fsignin.php&ul=en-us&de=UTF-8&dt=Advanced%20Card%20Search%20-%20MTG%20Assist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAAAjAAAAAC~&jid=281077173&gjid=2129686710&cid=62901917.1660167425&tid=UA-9030056-5&_gid=2077279326.1660167425&_r=1&_slc=1&z=1384287143
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 21:37:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mtgassist.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
603cde5988cbff67a6738951.enc
hb.vntsm.com/v2/live/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/603cde5988cbff67a6738951.enc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::883:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-883 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ref_url
Access-Control-Request-Method
GET
Origin
https://www.mtgassist.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
cdn-cache
HIT
cdn-pullzone
131999
cdn-requestcountrycode
DE
cdn-requestid
53bbbcb171b641e0ea9ad18ff5e1f488
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
content-type
application/octet-stream
date
Wed, 10 Aug 2022 21:37:04 GMT
server
BunnyCDN-AMS-883
x-bl
0
content.html
hb.vntsm.io/ 		32 B
742 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:37:05 GMT
cf-cache-status
HIT
age
6845
cf-ray
738bdee6ce9f914a-FRA
content-length
32
x-amz-id-2
tvgMi9NBaWlgm8u+m3oNJPXHoEvLGpnNQ4wIuwCyIoCgEGUHnKQzBtlgaq3zdr3lvbWjagZ2rUk=
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
0GZNCBWSRM6R14PE
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, origin, Origin
cache-control
max-age=14400
accept-ranges
bytes
content-type
text/html
603cde5988cbff67a6738951.enc
hb.vntsm.com/v2/live/ 		109 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/603cde5988cbff67a6738951.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::883:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-883 /
Resource Hash
729080883e35ad5e2b60cf343ac3a14d454b6f4b99b26ee257646a6dc8d9a682

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
ref_url
aHR0cHM6Ly93d3cubXRnYXNzaXN0LmNvbS9zZWxmZGVmZW5zaXZlL2NoYXNlZml4L3NlY3VyZS9kYjVmNjRiMTUvc2lnbmluLnBocA==

Response headers

date
Wed, 10 Aug 2022 21:37:05 GMT
content-encoding
br
cdn-edgestorageid
883
access-control-allow-origin
*
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cdn-cachedat
08/10/2022 13:33:11
cdn-pullzone
131999
server
BunnyCDN-AMS-883
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
last-modified
Sun, 13 Mar 2022 20:21:06 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"7a92e0aa98fc3c60c4d6c9a1b77ebd11"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
cdn-cache
HIT
x-bl
0
cache-control
public, max-age=86400
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid
0474c0bc8c794a849ea219bb9c3a1d7d
access-control-allow-credentials
true
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
collect
stats.g.doubleclick.net/j/ 		1 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-9030056-5&cid=62901917.1660167425&jid=281077173&gjid=2129686710&_gid=2077279326.1660167425&_u=KGBAAAAiAAAAAC~&z=1923257144
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 10 Aug 2022 21:37:05 GMT
content-type
text/plain
access-control-allow-origin
https://www.mtgassist.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
f77f2dc9b6f0795bd37c21453e2f478f8f7160ad3b78ba939e003037405e90d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28612
x-xss-protection
0
server
sffe
etag
"1299 / 64 of 1000 / last-modified: 1660136572"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 10 Aug 2022 21:37:05 GMT
ats.js
ats.rlcdn.com/ 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-6.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
gzip
etag
W/"148e21f812b555a13b2a9c6b616141f4"
age
63293
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
date
Wed, 10 Aug 2022 04:02:13 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA6-C1
content-type
application/x-javascript
x-amz-cf-id
6IKe81wwjFDGxrcQAq-d_zqJvrYwBS3S_njpIDse6nbwnA5NZwNWFA==
prebid
ib.adnxs.com/ut/v3/ 		57 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Aug 2022 21:37:05 GMT
X-Proxy-Origin
217.114.215.132; 217.114.215.132; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
97a44605-d88f-414d-8f1e-8e94f2e51c8d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.mtgassist.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
57
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
choice.js
quantcast.mgr.consensu.org/choice/Hwnr8j7tWA3Nu/mtgassist.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/Hwnr8j7tWA3Nu/mtgassist.com/choice.js?timestamp=1660167425345
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:7e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c18839ed3157fe18c348e6e4b963b7409e74bdc0ce7504b5cdc35aeb0393a35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 10 Aug 2022 21:37:05 GMT
content-encoding
br
last-modified
Tue, 10 May 2022 16:18:38 GMT
server
AmazonS3
age
25
etag
W/"a92e7f8d80737fe9a36a8288cf63688b"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
NN4-QFFhUwOo7AYtR0SaiH9QsBxwCPw8URO4OyHqW5qdfxVelnbGJQ==
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/Hwnr8j7tWA3Nu/mtgassist.com/choice.js?timestamp=1660167425345
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
de96459afc7ce2a214a50ab53803028a92dcbdde40621408e4638d484e7c344f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:37:05 GMT
content-encoding
gzip
etag
"jbwe3Q3ekqaoxOFJsLLUPw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 17 Aug 2022 21:37:05 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		177 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=mtgassist.com
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/Hwnr8j7tWA3Nu/mtgassist.com/choice.js?timestamp=1660167425345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:7e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
64f2f1f02fc851d4d6bdaab153f5511584d04c8fbe30742a2acedc68f955d547

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:36:55 GMT
content-encoding
br
age
18
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Tue, 02 Aug 2022 14:10:55 GMT
server
AmazonS3
etag
W/"805f78a1dab7fe51dfcd464bfbbbcf04"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
WBPsEmaDvG40UnHvAaNcgnpRRKSwtbH_1fFC1XnlBUb3nJw3e9-WEQ==
/
geo.privacymanager.io/ 		28 B
591 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-6.fra53.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 03:51:40 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront), 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
age
63925
x-amzn-requestid
1c17debd-825b-4f39-94b2-cbf3c240c7cf
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62f32b4c-61ec50a479739ac87e9dc20e;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1, FRA53-C1
x-amz-apigw-id
WoOz6GaRjoEFkaA=
content-length
28
x-amz-cf-id
i7QIAzyeXeCL_hhsBbCFds2Yzvf1HjY7hz4NBSRqtzluRABIFeGTnA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
pubads_impl_2022080401.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
e9c45dea6d149ac4de08c8a5af38836a97d0c08144d2f1858247748b29615da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 17:29:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132985
x-xss-protection
0
last-modified
Thu, 04 Aug 2022 08:38:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Aug 2023 17:29:13 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		126 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mtgassist.com
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6661adf7097d27c599859ccdb13bc12d1208fc5fd5611780ef94a57f1a1ca4cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 21:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102
x-xss-protection
0
expires
Wed, 10 Aug 2022 21:37:05 GMT
cmp-list.json
test.cmp.quantcast.com/GVL-v2/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c000:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41c09c6682c87cb868672c03a081c388d01042a9e3c60c4392a6ab37e4fb8cc1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 03:00:36 GMT
content-encoding
br
age
66990
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Tue, 02 Aug 2022 19:52:29 GMT
server
AmazonS3
etag
W/"4f1f5e216f7f20472159012baf38772d"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
y61kxy5VSWsGLb2rEv6K2cv85VG3tw1.
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA6-C1
content-type
application/json
x-amz-cf-id
Akj1_DNHiMhmwiI9p8Fi2xkqQZtfFChJXiMV6szZDMth-eRG9PmZ-g==
rules-p-Hwnr8j7tWA3Nu.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Hwnr8j7tWA3Nu.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:03:22 GMT
content-encoding
gzip
age
2024
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 10 Aug 2022 10:51:05 GMT
server
AmazonS3
etag
W/"25e2d4f54b5bb37c6c82b554454ef41a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
srhYB8J4B_9v183J5wSvgh_X9ILY4TNY-CR500VMhWNWNne5cNh4OQ==
cmp2ui-en.js
cmp.quantcast.com/tcfv2/43/ 		247 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/43/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=mtgassist.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc4dde25a5a7430ac92a98e5ea5a91ce49f3c45e8791581c999da75221b1264

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 16:46:59 GMT
content-encoding
gzip
age
17407
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Tue, 02 Aug 2022 14:10:37 GMT
server
AmazonS3
etag
W/"cdd513c37d4fc734e0fb03e5d9e813a7"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
DnGrA7rzHAQ9rch0TsR5JzlfHyqbsXfiFnzh27f23rIKnCQ5yvFgYg==
vendor-list-trimmed-v1.json
cmp.quantcast.com/GVL-v2/ 		334 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cbced1c54d309f24692702fc294bc925c568c52af741531dd9a652ab9b3c34fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 03:00:39 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
66987
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 10 Aug 2022 03:00:33 GMT
server
AmazonS3
etag
W/"811acc35bbc6b38e0b17bf861c82bc2b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
mqMhj-AHfPVG451bVTxfW1UA-7Vtrw03O2nYAzTKUESXWIOTA3S8Yw==
google-atp-list.json
cmp.quantcast.com/tcfv2/ 		151 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f57228b35ed51d258308521640cede5584abf9b51e4acc477d446be364a0e26f

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 03:03:52 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
66794
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 10 Aug 2022 03:03:50 GMT
server
AmazonS3
etag
W/"6ce5330990e5431d5eebe3e51bc72d08"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
GTnHjNhjOo77iWQJ2QNAVfdv-ingIR_tZJ_s39vXBKrKsb20w6LIdg==
/
audit-tcfv2.cmp.quantcast.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22Hwnr8j7tWA3Nu%22%2C%22domain%22%3A%22www.mtgassist.com%22%2C%22publisher%22%3A%22mtgassist.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.43%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%220h8DhhIOoMr2XGlcm9tQ7w%22%2C%22clientTimestamp%22%3A1660167425735%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-g2v7wk0gbapnyqni4e7a%22%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.149.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-149-72.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Aug 2022 21:37:05 GMT
content-length
2
content-type
text/plain; charset=utf-8
script.js
d1oykxszdrgjgl.cloudfront.net/ 		118 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1oykxszdrgjgl.cloudfront.net/script.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9600:0:1651:6140:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6bda759819f63ca2f01f398be728c686b23e757e7f49ac185209f97c640b437d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:34:39 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 18:57:04 GMT
server
AmazonS3
age
150
etag
W/"157c6271132083bd0f9c085e2a730476"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
ZF9TK0TVmZaRjCrx570cMn6OSixqtQFoVBoGQWPnJAC8ZmRHfF-kSQ==
1a
i.clean.gg/ 		0
0
1a
i.clean.gg/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 -, , ASN (),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mtgassist.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 10 Aug 2022 21:37:09 GMT
server
nginx/1.21.6
via
1.1 google

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.mtgassist.com
URL
https://www.mtgassist.com/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A1%2Cc%3A25%2Cr%3A501)
Domain
i.clean.gg
URL
https://i.clean.gg/1a

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| GoogleAnalyticsObject function| ga function| $ function| jQuery number| totalAnswers number| correctAnswers number| keyupCooldown function| getSets function| getSuggestNames function| cleanUp function| resetForm object| jQuery111105280746167996444 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| webpackChunkad_manager object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| ADAGIO object| __VM object| googletag object| uponit function| __tcfapi object| _qevents object| ats object| ggeac object| google_js_reporting_queue object| regeneratorRuntime function| __tcfapiui function| __uspapi function| quantserve function| __qc object| ezt object| _qoptions function| qtrack undefined| google_measure_js_timing string| queryStringSeparator

7 Cookies

Domain/Path Name / Value
.mtgassist.com/ Name: visid_incap_2778846
Value: FqvfLB7WSpWK1CkOR75Aiv8k9GIAAAAAQUIPAAAAAAB4Js+DRsH1v7OkcYJ94pgT
.mtgassist.com/ Name: incap_ses_260_2778846
Value: ELY3JFqDoUWjFtOP7rSbA/8k9GIAAAAA7T4wwRVcUV7JJi5ENoO2Ug==
www.mtgassist.com/ Name: PHPSESSID
Value: ahe536du24vkv852lghe6t1dj5
.mtgassist.com/ Name: _ga
Value: GA1.2.62901917.1660167425
.mtgassist.com/ Name: _gid
Value: GA1.2.2077279326.1660167425
.mtgassist.com/ Name: _gat
Value: 1
www.mtgassist.com/ Name: _lr_geo_location
Value: DE

1 Console Messages

Source Level URL
Text
network error URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/db5f64b15/signin.php
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ats.rlcdn.com
audit-tcfv2.cmp.quantcast.com
cmp.quantcast.com
d1oykxszdrgjgl.cloudfront.net
fonts.googleapis.com
geo.privacymanager.io
hb.vntsm.com
hb.vntsm.io
i.clean.gg
ib.adnxs.com
maxcdn.bootstrapcdn.com
quantcast.mgr.consensu.org
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
test.cmp.quantcast.com
www.google-analytics.com
www.mtgassist.com
i.clean.gg
www.mtgassist.com
107.154.165.29
142.250.181.226
143.204.215.6
185.89.210.101
2400:52e0:1e01::883:1
2600:9000:2057:9600:0:1651:6140:21
2600:9000:2057:c000:3:a4cd:8380:93a1
2600:9000:206f:2200:6:44e3:f8c0:93a1
2600:9000:206f:6800:9:46dc:4700:93a1
2600:9000:206f:7e00:9:46dc:4700:93a1
2606:4700:10::6816:2f8e
2606:4700::6812:bcf
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:400c:c00::9b
3.67.149.72
34.95.69.49
99.86.4.6
070ff3266929b3d35ef13250d3f34a568caa8798e1ec1d05da6cfa6d86f214e1
12b0b58c95b4f68138c0e7bd8ef877fd58af5d204be750dbb975c3ad1cdb43f6
163cd32347b0ab98e2cd60e11b9659dea33237338d2151e5d7985bda94e69359
29f32407790d6b6930fdeff1a27aba8236fdb5f50617c6842ec0f08fe17769ee
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
41c09c6682c87cb868672c03a081c388d01042a9e3c60c4392a6ab37e4fb8cc1
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
5399c388f01bcc2570da65a867e326faa27d8c3edc8733ba79991622e0f8a579
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
64f2f1f02fc851d4d6bdaab153f5511584d04c8fbe30742a2acedc68f955d547
6661adf7097d27c599859ccdb13bc12d1208fc5fd5611780ef94a57f1a1ca4cc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bda759819f63ca2f01f398be728c686b23e757e7f49ac185209f97c640b437d
6c18839ed3157fe18c348e6e4b963b7409e74bdc0ce7504b5cdc35aeb0393a35
729080883e35ad5e2b60cf343ac3a14d454b6f4b99b26ee257646a6dc8d9a682
76aed71dd53c1b95006fab01d4e9c26b12917fe7bddfbd9cf9f8d1edb285cae2
7a12bcefbd71667211185313fb2258501463408c5aaa407ca129cdfb66cc3a7d
8e02885d1f79469ee0011840af2062d3a20b915af1a2949e729563440d227f94
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9d49ad0c51ac7111aa27600795cdd4a7200aa00fca439a767b9cd291b6ccc313
a181a613a6eeab77259b1d6537f82fd28f4cb38fa41e43af8d1677a3542e74bf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ad7d8319a77e1c991ddde63231363c86f7b2d6e930294cbb98e4cc1cd8a3e9c3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408
b8b84045ab761b4387ff0de8a05ebe71cbd7edd7a6cd9ea801155f87c189b9a8
cbced1c54d309f24692702fc294bc925c568c52af741531dd9a652ab9b3c34fb
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d
ddec6b68f8e0e31a6e094ebe401af324a458a3174d2caf8ebe7a8ef9e6d96c65
de96459afc7ce2a214a50ab53803028a92dcbdde40621408e4638d484e7c344f
e0d154e31e8804876ba7c8569938d629ffce434940c956481c07bc40133c5088
e9c45dea6d149ac4de08c8a5af38836a97d0c08144d2f1858247748b29615da3
efc4dde25a5a7430ac92a98e5ea5a91ce49f3c45e8791581c999da75221b1264
f57228b35ed51d258308521640cede5584abf9b51e4acc477d446be364a0e26f
f77f2dc9b6f0795bd37c21453e2f478f8f7160ad3b78ba939e003037405e90d6