purchasealerts.visa.com Open in urlscan Pro
104.18.24.178 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://purchasealerts.visa.com/vca-web/login
Submission: On June 19 via manual (June 19th 2024, 12:10:44 am UTC) from BR — Scanned from DE

Summary HTTP 44 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 5 domains to perform 44 HTTP transactions. The main IP is 104.18.24.178, located in and belongs to CLOUDFLARENET, US. The main domain is purchasealerts.visa.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 6th 2024. Valid for: 10 months.

This is the only time purchasealerts.visa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	104.18.24.178 104.18.24.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	91.235.133.72 91.235.133.72	30286 (THM) (THM)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	2620:f3:0:14:... 2620:f3:0:14:b401:8ee8:4321:ad82	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
4	34.107.253.133 34.107.253.133	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
44	9

12 104.18.24.178 (None, )

ASN13335 (CLOUDFLARENET, US)

purchasealerts.visa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 91.235.133.72 (United States)

ASN30286 (THM, US)

thm.visa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:f3:0:14:b401:8ee8:4321:ad82 (United States)

ASN30286 (THM, US)

h64.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

bymvu9pnc67l7ajjz5usui77kpkk275zv5y6ltnp68887bab25ab5caeam1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.107.253.133 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 133.253.107.34.bc.googleusercontent.com

policy.cookiereports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	visa.com purchasealerts.visa.com thm.visa.com — Cisco Umbrella Rank: 37887	952 KB
4	cookiereports.com policy.cookiereports.com — Cisco Umbrella Rank: 66546	54 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 68 region1.google-analytics.com — Cisco Umbrella Rank: 2347	21 KB
3	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 3000 h64.online-metrix.net bymvu9pnc67l7ajjz5usui77kpkk275zv5y6ltnp68887bab25ab5caeam1.e.aa.online-metrix.net	795 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	179 KB
44	5

	Domain	Requested by
19	thm.visa.com	purchasealerts.visa.com thm.visa.com
12	purchasealerts.visa.com	purchasealerts.visa.com
4	policy.cookiereports.com	purchasealerts.visa.com policy.cookiereports.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	purchasealerts.visa.com www.googletagmanager.com
1	bymvu9pnc67l7ajjz5usui77kpkk275zv5y6ltnp68887bab25ab5caeam1.e.aa.online-metrix.net	purchasealerts.visa.com
1	h64.online-metrix.net	thm.visa.com
1	h.online-metrix.net	thm.visa.com
44	9

This site contains links to these domains. Also see Links.

Domain
usa.visa.com
policy.cookiereports.com
www.visa.com
www.digitalcontrolroom.com

Subject Issuer	Validity	Valid
purchasealerts.visa.com Cloudflare Inc ECC CA-3	`2024-03-06` - `2024-12-31`	10 months	crt.sh
thm.visa.com SSL.com RSA SSL subCA	`2024-02-22` - `2025-02-21`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2024-03-20` - `2024-10-21`	7 months	crt.sh
*.aa.online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2024-03-20` - `2024-10-21`	7 months	crt.sh
policy.cookiereports.com Gandi RSA Domain Validation Secure Server CA 3	`2024-05-07` - `2025-05-24`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://purchasealerts.visa.com/vca-web/login
Frame ID: 58E09CD597878DECAE85CA3EA83CE28B
Requests: 22 HTTP requests in this frame

Frame: https://thm.visa.com/tags?org_id=bymvu9pn&session_id=_t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na
Frame ID: 538550C6094E23CBF3B3D17CECE373D6
Requests: 14 HTTP requests in this frame

Frame: https://thm.visa.com/fp/HP?session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&org_id=bymvu9pn&nonce=68887bab25ab5cae&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 2F030BB374CD85AB5D75050E2D3F5A76
Requests: 3 HTTP requests in this frame

Frame: https://thm.visa.com/fp/ls_fp.html;CIS3SID=62EA833FECC3D67267A445C31BB2C009?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae
Frame ID: 569718C12645EA84532AB218E1AF5C2F
Requests: 3 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=62EA833FECC3D67267A445C31BB2C009?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae
Frame ID: C82FDF208A8EF2D80A6138F12A58F1C2
Requests: 1 HTTP requests in this frame

Frame: https://thm.visa.com/fp/top_fp.html;CIS3SID=62EA833FECC3D67267A445C31BB2C009?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae
Frame ID: 856C8D38342691B5DB5AB5FF1266B547
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in - Visa Purchase Alerts

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

100 %
HTTPS

44 %
IPv6

5
Domains

9
Subdomains

9
IPs

3
Countries

1207 kB
Transfer

5091 kB
Size

9
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://usa.visa.com/legal/privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policy.cookiereports.com/96c03034-en-gb.html
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.visa.com/purchasealerts
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.visa.com/cookie-notice
Title: Visa Cookie Notice

Search URL Search Domain Scan URL

URL: https://www.visa.com/globalprivacy
Title: visit our Global Privacy Center

Search URL Search Domain Scan URL

URL: https://www.digitalcontrolroom.com/
Title: Powered by Digital Control Room

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200 Primary Request login Show response
purchasealerts.visa.com/vca-web/ 4 KB
3 KB 463ms
418ms Document
text/html 104.18.24.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://purchasealerts.visa.com/vca-web/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.24.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7aa1fe1d7d695ef71be75276c6e0339ff6e70346bcbc52d8f38a0afb73699b86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 895f4c13cf572c2f-FRA
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 19 Jun 2024 00:10:38 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: cloudflare
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
X-CORRELATION-ID: 1_1718755838_403_48_b2k8l73-6588685864l8f_VCA-WEB
X-Frame-Options: DENY
X-SERVED-BY: b2k8l73-6588685864l8f

GET
H/1.1 200 main.8d204929.js Show response
purchasealerts.visa.com/vca-web/static/js/ 2 MB
500 KB 205ms
204ms Script
application/javascript 104.18.24.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://purchasealerts.visa.com/vca-web/static/js/main.8d204929.js

Requested by

Host: purchasealerts.visa.com
URL: https://purchasealerts.visa.com/vca-web/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.24.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dbbf65eed86fbf730ca192bba59874d60daff4b6341d79e1ab7f8fc30207a7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://purchasealerts.visa.com/vca-web/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:10:38 GMT
X-CORRELATION-ID: 1_1718755838_579_49_b2k8l73-6588685864-7n_VCA-WEB
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubdomains
CF-Cache-Status: MISS
X-Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Content-Encoding: br
Transfer-Encoding: chunked
Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Connection: keep-alive
X-XSS-Protection: 0
X-SERVED-BY: b2k8l73-6588685864-7n
Pragma: no-cache
Last-Modified: Tue, 21 May 2024 11:40:50 GMT
Server: cloudflare
ETag: W/"2454802-1716291650000"
X-WebKit-CSP-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate
CF-RAY: 895f4c166a0a2c2f-FRA
Expires: -1

GET
H/1.1 200 main.4576daf1.css
purchasealerts.visa.com/vca-web/static/css/ 705 KB
108 KB 191ms
175ms Stylesheet
text/css 104.18.24.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://purchasealerts.visa.com/vca-web/static/css/main.4576daf1.css

Requested by

Host: purchasealerts.visa.com
URL: https://purchasealerts.visa.com/vca-web/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.24.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2aa1b25d0483d97e614f913e40377c41bb091f25a03d35bcd1a8e1f589e35346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://purchasealerts.visa.com/vca-web/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:10:38 GMT
X-CORRELATION-ID: 1_1718755838_581_44_b2k8l73-6588685864k_VCA-WEB
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubdomains
CF-Cache-Status: MISS
X-Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Content-Encoding: br
Transfer-Encoding: chunked
Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Connection: keep-alive
X-XSS-Protection: 0
X-SERVED-BY: b2k8l73-6588685864k
Pragma: no-cache
Last-Modified: Tue, 21 May 2024 11:40:50 GMT
Server: cloudflare
ETag: W/"721932-1716291650000"
X-WebKit-CSP-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
CF-RAY: 895f4c168fc430db-FRA
Expires: -1

GET
H/1.1 200 VisaBehaviorAnalytics-3.1.2.min.js Show response
purchasealerts.visa.com/vca-web/static/js/ 239 KB
86 KB 379ms
362ms Script
application/javascript 104.18.24.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://purchasealerts.visa.com/vca-web/static/js/VisaBehaviorAnalytics-3.1.2.min.js

Requested by

Host: purchasealerts.visa.com
URL: https://purchasealerts.visa.com/vca-web/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.24.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6cc8939e3f1c0e747d7dd077173347572baa6e5a1f4cd21b332c52aca09215d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://purchasealerts.visa.com/vca-web/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:10:38 GMT
X-CORRELATION-ID: 1_1718755838_782_53_b2k8l73-6588685864k_VCA-WEB
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubdomains
CF-Cache-Status: MISS
X-Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Content-Encoding: br
Transfer-Encoding: chunked
Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Connection: keep-alive
X-XSS-Protection: 0
X-SERVED-BY: b2k8l73-6588685864k
Pragma: no-cache
Last-Modified: Tue, 21 May 2024 11:40:50 GMT
Server: cloudflare
ETag: W/"244348-1716291650000"
X-WebKit-CSP-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate
CF-RAY: 895f4c1689cf9241-FRA
Expires: -1

GET
H/1.1 200
OK tags Show response
thm.visa.com/ Frame 5385 922 B
1 KB 62ms
14ms Document
text/html 91.235.133.72
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/tags?org_id=bymvu9pn&session_id=_t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na

Requested by

Host: purchasealerts.visa.com
URL: https://purchasealerts.visa.com/vca-web/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.72 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

cb196b7e9ad5b68cea0aac5d5dba03945f122ea3ea23e5f85161dbd5150e2f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://purchasealerts.visa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Length: 423
Content-Type: text/html;charset=UTF-8
Date: Wed, 19 Jun 2024 00:10:38 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
P3P: CP=IVAa PSAa
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 237 KB
77 KB 58ms
29ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-574WHV

Requested by

Host: purchasealerts.visa.com
URL: https://purchasealerts.visa.com/vca-web/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

033861e2ae7eedb5538a51aaff3affe302df9e8328b4727459c80c296de67ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://purchasealerts.visa.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:10:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78936
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Jun 2024 00:10:38 GMT

GET
H/1.1 200
OK clear.png
thm.visa.com/fp/ Frame 5385 81 B
474 B 13ms
13ms Image
image/png 91.235.133.72
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thm.visa.com/fp/clear.png?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae&ck=0&m=2

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/tags?org_id=bymvu9pn&session_id=_t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.72 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thm.visa.com/tags?org_id=bymvu9pn&session_id=_t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 19 Jun 2024 00:10:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js;CIS3SID=62EA833FECC3D67267A445C31BB2C009 Show response
thm.visa.com/fp/ Frame 5385 348 KB
63 KB 36ms
23ms Script
text/javascript 91.235.133.72
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/check.js;CIS3SID=62EA833FECC3D67267A445C31BB2C009?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/tags?org_id=bymvu9pn&session_id=_t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.72 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

60678c98a628a19de9221798a2ae180a568db7dfa2cfa353ef03b9596b33813c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thm.visa.com/tags?org_id=bymvu9pn&session_id=_t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:10:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: 68887bab25ab5cae
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=98
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-574WHV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://purchasealerts.visa.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Jun 2024 23:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1775
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 19 Jun 2024 01:41:03 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 305 KB
101 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-8JYVQ0NH9R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-574WHV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b41e7ac5502329f4fafd805fcb2aac76c7e1d48d0dfdc2ec8635ac20760b13e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://purchasealerts.visa.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:10:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103769
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Jun 2024 00:10:38 GMT

GET
H/1.1 200
OK clear.png
thm.visa.com/fp/ Frame 5385 81 B
475 B 13ms
12ms Image
image/png 91.235.133.72
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/tags?org_id=bymvu9pn&session_id=_t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.72 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thm.visa.com/tags?org_id=bymvu9pn&session_id=_t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 19 Jun 2024 00:10:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
213 B 14ms
14ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=980964048&t=pageview&_s=1&dl=https%3A%2F%2Fpurchasealerts.visa.com%2Fvca-web%2Flogin&ul=de-de&de=windows-1252&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=137170460&gjid=1855071417&cid=1612008636.1718755839&tid=UA-61684798-11&_gid=841711678.1718755839&_r=1&_slc=1&gtm=45He46h0n71574WHVv72218540za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=1136814844

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://purchasealerts.visa.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 00:10:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://purchasealerts.visa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 37ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8JYVQ0NH9R&gtm=45je46h0v9105463351z872218540za200zb72218540&_p=1718755838861&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1612008636.1718755839&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718755839&sct=1&seg=0&dl=https%3A%2F%2Fpurchasealerts.visa.com%2Fvca-web%2Flogin&dt=&en=Page%20View&_fv=1&_ss=1&tfd=1067&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-8JYVQ0NH9R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://purchasealerts.visa.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 00:10:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://purchasealerts.visa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK HP Show response
thm.visa.com/fp/ Frame 2F03 19 KB
6 KB 14ms
14ms Document
text/html 91.235.133.72
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/HP?session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&org_id=bymvu9pn&nonce=68887bab25ab5cae&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=62EA833FECC3D67267A445C31BB2C009?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.72 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

527e00aa3d82d7f8e9befa8594799a6702e5517c059bee0d7312aebdb2728a98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://thm.visa.com/tags?org_id=bymvu9pn&session_id=_t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Length: 5846
Content-Type: text/html;charset=UTF-8
Date: Wed, 19 Jun 2024 00:10:39 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
thm.visa.com/fp/ Frame 5385 81 B
476 B 13ms
13ms XHR
image/png 91.235.133.72
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/clear.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.72 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: */*, bymvu9pn/68887bab25ab5cae_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na
Referer: https://thm.visa.com/tags?org_id=bymvu9pn&session_id=_t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:10:39 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 19 Jun 2024 00:10:39 GMT
Server: Apache
Etag: a92f501fef3d45248a39d5d72fad113b
Content-Type: image/png
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
Content-Length: 81
Expires: Mon, 18 Jun 2029 00:10:39 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=62EA833FECC3D67267A445C31BB2C009 Show response
thm.visa.com/fp/ Frame 5697 93 KB
14 KB 17ms
16ms Document
text/html 91.235.133.72
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/ls_fp.html;CIS3SID=62EA833FECC3D67267A445C31BB2C009?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.72 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

a52f6de99b0188175ed2d99903e39c898783aa7b0b723bcc2c34f9eba33e0640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://thm.visa.com/tags?org_id=bymvu9pn&session_id=_t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Wed, 19 Jun 2024 00:10:39 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=95
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
thm.visa.com/fp/ Frame 5385 0
398 B 14ms
13ms Script
text/javascript 91.235.133.72
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.72 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thm.visa.com/tags?org_id=bymvu9pn&session_id=_t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 19 Jun 2024 00:10:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK es.js Show response
thm.visa.com/fp/ Frame 5385 134 B
656 B 15ms
14ms Script
text/javascript 91.235.133.72
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/es.js?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.72 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

639735efc1e92e129500260c1db9c0583e3d1fa63a79ee20c392949e6ab449f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thm.visa.com/tags?org_id=bymvu9pn&session_id=_t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 19 Jun 2024 00:10:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=62EA833FECC3D67267A445C31BB2C009
h.online-metrix.net/fp/ Frame C82F 0
0 67ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=62EA833FECC3D67267A445C31BB2C009?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://thm.visa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Wed, 19 Jun 2024 00:10:39 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top_fp.html;CIS3SID=62EA833FECC3D67267A445C31BB2C009 Show response
thm.visa.com/fp/ Frame 856C 91 KB
13 KB 17ms
15ms Document
text/html 91.235.133.72
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/top_fp.html;CIS3SID=62EA833FECC3D67267A445C31BB2C009?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.72 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

957527f5006473390d8305ee3e6ab122156f05636df755268c732b5c0aef6628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://thm.visa.com/tags?org_id=bymvu9pn&session_id=_t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Wed, 19 Jun 2024 00:10:39 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=94
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
h64.online-metrix.net/fp/ Frame 5385 0
357 B 480ms
155ms Script
text/plain 2620:f3:0:14:b401:8ee8:4321:ad82
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h64.online-metrix.net/fp/clear.png?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae&i=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2620:f3:0:14:b401:8ee8:4321:ad82 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thm.visa.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 19 Jun 2024 00:10:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear.png Show response
thm.visa.com/fp/ Frame 5385 0
218 B 15ms
14ms Script
text/javascript 91.235.133.72
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/clear.png?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae&ja=383133342424633f34302e7a373432266635313c323a703330383824616635313e32387231303032267378733d313f3538783b3b37382c6478703533243b3632382e3b3230302c31343832243b32323a2e3338382c393a3a26333c3a32243938323026313f37322c33333732246d7c3d38356435316c333b36336d34606e3a3239623e366a663b32376030636633633e266d643f3a267969643538342e6e603f607e74727b27394125324625304e7660672e74637163266b6f652f384c766b6d712d3b4c6d726d5f636427334660796f7475317064273036736d73796b65665d6b6c2d31445f7c333d417f5a4764304e644f576d3530735747364553637e334d4a367c4b5852573a5256484162657161584c53727c4c73416c52605270615d53384a705f35457a4173554f704f677a474f6c415449674e7943464f6a4a5776606d6d654e785b3d6c6126786c35372e7a683f653a3032646c61353f373939396c346d6865303b31316d683463313b3839306426686a35303c3d35303b33353038383d3c683937336936393f3f3b303f393f38353967672668716f3557636c666f777b2538323b3924687b6a3f43687a6f65672d3830333234266a7365753d5d6b6664657d732e60736a77354160786f6f6d246468633d313224666665373824646f767835302e7e706e3f4f7f7067786f27324c426f726e696c246d6376687a3d3e32323364396338606f6b32306d3e6163353e30383a3a6b643335373430316c64343f3a30313e3b643e6f6169303c666b3334636e606e3732333133333134692c6470376a767c78732d394b2f304c2f304e787f706362617965636c677074712c7661736b2c616f6d2d324c247a35726e7d6f6b6e5f6e6c6971602f354766636c73652b706c7f65616e557d69666e6f7f71576f6d6e69635772666179657225374d64696673672b726e7d6f6966556b6e6d686f5d696b786d626b742f354766636e7367237064756d6b6c5f717d6969697e616f672d3d47666164736d2378667565696c5f736865636b7d637e652f3f456e6b6c7b672972647f676b665d7865616c706c6371677a2f35476c636e7b6d2178667f6d6b645574646b55726c6b796f7227354764616e71652970667765696e57646f746b6474702d3d47666164736d2378667565696c5f73766d5f7663677f65782f354d6c6164716d2378667565616c556a61766125374d64696673672c656e576b3d7f6f686d6e5d6f604f442f30303b2e3a2530302a4d70676c47442538324753253a30382c3a2d30324b60706f6d6175652b5f6f62454c2732304746534c2f303845592f32383b2e38273a32204570676645462532304553273a324f46534e2f30324d5b253a3a3b24322f38324b60786d6d6375672955656049697655656a4b63762732305f65684546494c45444d5d696e7b74696c6b6f645d617072617979253348273a304f525457686c6d6c6c5d65636e6f697a2f334225323047505657696c6b7a5d616766747a65662f31482f30384d52565f696f666f705f60776664677257686b6e645f66646f6b762f3b40273a3847585457646d727c625f616c636d702539422538324d585e55666465617c5d6a6e6d6464273b402f32304558545d6e70696d5f666f7276602d334a2f383a47525e5d7867667b67656e556f64667167745d616c696d7a273142253a304f5a5e57716a696c67725f7c6570767d78655d6c6d6425334825323a475054557e65707e757a675761676770706d7179696f6e5f62727c612d394227383247505c5f7c6f727e77786f5d6b676772726f7379696d6e5d70677661253b422f303245585c5f7e67727c77706d5764696c7c657a5d696469716f76726f7063632539402d323a4f585c55746d7a7c777a6f5f6f6170786f725f636c636572577e6f5d6f66656d2d334a2f383a47525e5d7b5a4d402539422f32324f47515f676e65656564765d696e6c65725d7f616c762d3b402532384f4d51576c626d5f70656e646f725f676b786d6b7a253b48253a3247475b557376696c6e6172645f64677a6b7e6b746b7c67712d3b422d383a45475955766d707e77726f5f6c6c6d61762733402732384f4f515d746570747f706f57646e6769765f6c616e6d637a2f33402530304f45595f746f7a7c75786f5f606b6c6e5d6e6e676b74273b402f32304f45535d7c67707e75706f5d6a696466576c6665637e556e61666f63722f33482530304d47535d74657a746f7a5d61727a61735d656a68676b7c2733422d3238554d48474e5f616f6c6f785f627f646e657855666465617c273b402d3830554d404d4c5f636f6d727a677b796566557667707c757a6f556b717e69273b4a2f30305d4548474e5f616d6d7270657b736f665d746570747f706f5767766b2d3142253a305f474a4d4c5d636d6d70726f73736f6657746f72747d786557677c61392f33402d303a574542474c5d6b6d657a72677971676c57746d727e7f706f55713b7c69273348253830554540454c5d616f657078677173656c5f7e67727c77706d577133746b5f7b706f68253142273230574f4247465d6c65687f6757786566666d706d785f6b6664652533422532325f474a4d4c5d6e67607d6f5f7b626b6e677879273b4a2f30305d4548474e5f666770766a5f7c6572767772652d334827383855474a4f4e5f647a617f5d6a7f666465707325334825323a554d424d465f6465736d5d6b6d667e657a7c27394225323057474a4544556d7766766b576c72697d2f39402f38325f4d48454c5570656c7b676d6c5f6f6d646d313c24656c5f603d32346c3b613a3c693a37316a343067696e3836363b6164346b37623f613e30326838696e353d333e247f6d6c74354b6474656c253232416c6b2426756d6e7035416e7c6f662f303a4370617b2f303045706f6e454c273030476c67616e6f246163643534&jb=3b3532266e733d4f6d7a616c66632732463d2e3a2738382a556166666f777b253a32465e25303033302e302f33422f3038576364363c2f334a273a32703c342b2d303a4170706c65556d60436374273844373b3f2e3b3c2f383222414a5c45462732492538306e696967253032476d63616d2b253238436270656567273a4e33323626302632263a2530305161666178692538443d333d24333e

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.72 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thm.visa.com/tags?org_id=bymvu9pn&session_id=_t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:10:39 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
bymvu9pnc67l7ajjz5usui77kpkk275zv5y6ltnp68887bab25ab5caeam1.e.aa.online-metrix.net/fp/ Frame 5385 81 B
438 B 182ms
13ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bymvu9pnc67l7ajjz5usui77kpkk275zv5y6ltnp68887bab25ab5caeam1.e.aa.online-metrix.net/fp/clear.png?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae&di=yes

Requested by

Host: purchasealerts.visa.com
URL: https://purchasealerts.visa.com/vca-web/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thm.visa.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 19 Jun 2024 00:10:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 configurations Show response
purchasealerts.visa.com/pas/apps/7d955368-76f3-4862-410a-18d406710101/ 531 B
2 KB 478ms
477ms XHR
application/json 104.18.24.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://purchasealerts.visa.com/pas/apps/7d955368-76f3-4862-410a-18d406710101/configurations?countryCode=US

Requested by

Host: purchasealerts.visa.com
URL: https://purchasealerts.visa.com/vca-web/static/js/main.8d204929.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.24.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

272ac4d4df6b95adcdec517a7db749eccb6599e680e51b3fa0b258ad18a6a849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-CORRELATION-ID: 1_1718755838_403_48_b2k8l73-6588685864l8f_VCA-WEB
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json
Referer: https://purchasealerts.visa.com/vca-web/login
X-THMID: _t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na
X-Requested-With: XMLHttpRequest
DFPSESSIONID: _t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:10:39 GMT
X-CORRELATION-ID: 1_1718755838_403_48_b2k8l73-6588685864l8f_VCA-WEB
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubdomains
CF-Cache-Status: DYNAMIC
X-Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Content-Encoding: br
Transfer-Encoding: chunked
Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Connection: keep-alive
X-XSS-Protection: 0
X-SERVED-BY: b2k8l73-7b5579d9f8s, b2k8l73-67c5479684c
Pragma: no-cache
X-APP-ID: 7d955368-76f3-4862-410a-18d406710101
Server: cloudflare
X-WebKit-CSP-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-Frame-Options: SAMEORIGIN
Content-Type: application/json;charset=UTF-8
Cache-Control: private ,no-cache, no-store, must-revalidate
X-APP-STATUS: 200
CF-RAY: 895f4c1c6cf89241-FRA
Expires: -1

GET
H/1.1 200
OK check.js Show response
thm.visa.com/fp/ Frame 2F03 210 KB
29 KB 23ms
22ms Script
text/javascript 91.235.133.72
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/check.js?&pageid=99998&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&org_id=bymvu9pn&nonce=68887bab25ab5cae

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/HP?session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&org_id=bymvu9pn&nonce=68887bab25ab5cae&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.72 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

274294a7d8d3c35db0578613332c25b5eeba42177dc7d2e1661ffaf03848789f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thm.visa.com/fp/HP?session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&org_id=bymvu9pn&nonce=68887bab25ab5cae&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:10:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: 68887bab25ab5cae
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=93
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear3.png;CIS3SID=62EA833FECC3D67267A445C31BB2C009 Show response
thm.visa.com/fp/ Frame 5385 0
218 B 14ms
13ms Script
text/javascript 91.235.133.72
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/clear3.png;CIS3SID=62EA833FECC3D67267A445C31BB2C009?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae&jac=1&je=323424266f67646a3f283b2538413325324b332f30493061673a3b6038346e373e63383b373738636462303838656f3038323e3e373c33356b6339606d32663b313a33313862666367383b316c6264333731386e323823

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.72 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thm.visa.com/tags?org_id=bymvu9pn&session_id=_t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:10:39 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200 en.json Show response
purchasealerts.visa.com/vca-web/locales/ 35 KB
10 KB 146ms
145ms Fetch
application/json 104.18.24.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://purchasealerts.visa.com/vca-web/locales/en.json

Requested by

Host: purchasealerts.visa.com
URL: https://purchasealerts.visa.com/vca-web/static/js/main.8d204929.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.24.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

301e57616035a393dd253c8ab46c64c7ffa25ce5ac57f0368ed372c7d3f1966c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://purchasealerts.visa.com/vca-web/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:10:39 GMT
X-CORRELATION-ID: 1_1718755839_619_45_b2k8l73-6588685864k_VCA-WEB
Content-Encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains
CF-Cache-Status: DYNAMIC
Transfer-Encoding: chunked
Connection: keep-alive
X-SERVED-BY: b2k8l73-6588685864k
Pragma: no-cache
Last-Modified: Tue, 21 May 2024 11:40:50 GMT
Server: cloudflare
ETag: W/"35687-1716291650000"
X-Frame-Options: DENY
Content-Type: application/json
Cache-Control: no-cache, no-store, must-revalidate
CF-RAY: 895f4c1d0ed42c2f-FRA
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
thm.visa.com/fp/ Frame 5697 0
398 B 13ms
13ms Script
text/javascript 91.235.133.72
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/ls_fp.html;CIS3SID=62EA833FECC3D67267A445C31BB2C009?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.72 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thm.visa.com/fp/ls_fp.html;CIS3SID=62EA833FECC3D67267A445C31BB2C009?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 19 Jun 2024 00:10:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK es.js Show response
thm.visa.com/fp/ Frame 5697 134 B
654 B 14ms
13ms Script
text/javascript 91.235.133.72
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/es.js?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae&fr

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.72 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

ce3e8e2c5c4bf913c4428b4224be295473a6f974a41a87634004abed20c6329f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thm.visa.com/fp/ls_fp.html;CIS3SID=62EA833FECC3D67267A445C31BB2C009?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 19 Jun 2024 00:10:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=92
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 VisaDialectUI-Semibold-Web.b4cbeac10347670e7738.woff2
purchasealerts.visa.com/vca-web/static/media/ 40 KB
42 KB 159ms
158ms Font
font/woff2 104.18.24.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://purchasealerts.visa.com/vca-web/static/media/VisaDialectUI-Semibold-Web.b4cbeac10347670e7738.woff2

Requested by

Host: purchasealerts.visa.com
URL: https://purchasealerts.visa.com/vca-web/static/css/main.4576daf1.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.24.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f110c264cb2562120ab83c4b59d0d52ccdc7e7407f5c052967feb3aca6e06e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://purchasealerts.visa.com/vca-web/static/css/main.4576daf1.css
Origin: https://purchasealerts.visa.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:10:39 GMT
X-CORRELATION-ID: 1_1718755839_935_53_b2k8l73-6588685864-7n_VCA-WEB
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubdomains
CF-Cache-Status: MISS
X-Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Connection: keep-alive
Content-Length: 41068
X-XSS-Protection: 0
X-SERVED-BY: b2k8l73-6588685864-7n
Pragma: no-cache
Last-Modified: Tue, 21 May 2024 11:40:50 GMT
Server: cloudflare
ETag: W/"41068-1716291650000"
X-WebKit-CSP-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: font/woff2
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
CF-RAY: 895f4c1ef87e2c2f-FRA
Expires: -1

GET
H/1.1 200 visa_vbm_blu.34680b8feaaa7480e99503b86466e14d.svg
purchasealerts.visa.com/vca-web/static/media/ 867 B
2 KB 162ms
162ms Image
image/svg+xml 104.18.24.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://purchasealerts.visa.com/vca-web/static/media/visa_vbm_blu.34680b8feaaa7480e99503b86466e14d.svg

Requested by

Host: purchasealerts.visa.com
URL: https://purchasealerts.visa.com/vca-web/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.24.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0513199120cf8d224f5d700a2298f6a12e2a128bb9ef8e84036d14f4d5b7643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://purchasealerts.visa.com/vca-web/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:10:39 GMT
X-CORRELATION-ID: 1_1718755839_952_51_b2k8l73-6588685864-7n_VCA-WEB
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubdomains
CF-Cache-Status: MISS
X-Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Content-Encoding: br
Transfer-Encoding: chunked
Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Connection: keep-alive
X-XSS-Protection: 0
X-SERVED-BY: b2k8l73-6588685864-7n
Pragma: no-cache
Last-Modified: Tue, 21 May 2024 11:40:50 GMT
Server: cloudflare
ETag: W/"867-1716291650000"
X-WebKit-CSP-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate
CF-RAY: 895f4c1f1cec30db-FRA
Expires: -1

GET
H/1.1 204
204 clear1.png;CIS3SID=62EA833FECC3D67267A445C31BB2C009
thm.visa.com/fp/ Frame 5385 0
400 B 17ms
17ms Image
image/png 91.235.133.72
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thm.visa.com/fp/clear1.png;CIS3SID=62EA833FECC3D67267A445C31BB2C009?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae&jf=3e313a26716b645d706e6c3d7e66705f516a647d353b4252353a6246503563482e71616e5f666176653d313d31383d373d383933267b6364577671726d3777676a386f63647361267161665761657b3731323d3133383b393a343a3d3069303c36386965396432323233303432383a6132343638636d336e32393833323f38313432383038363e39303536313866626f613733613f65326b313033306a343c36393235303a376e6461353565666d35303a63616e37633c3d65303e3a6c356c323a3d3f3b30346e3133336464343b663660333a613c676136656e346f36386c37356c3964666431346e613d6f336332306332323b61666c3b3f333a6c63306b613d323f3a396e26716166557369673d33323c34383832333a323a3d69626e383b3c313c393639393d31323b6469633a303164383366333c323f3b60663569393d676f6967366c6e3737303d356d336b6b3232643b6330303b6230383039303a6c333c33313b32313b6c3835303f646e3638396333613b3530686234696335386e35696b3f6e663e6b373e6d3e63313d32683935303233613366303a306e376726736166783f3a

Requested by

Host: purchasealerts.visa.com
URL: https://purchasealerts.visa.com/vca-web/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.72 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thm.visa.com/tags?org_id=bymvu9pn&session_id=_t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 19 Jun 2024 00:10:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=91
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 VisaDialectUI-Regular-Web.21d42f97c7c66cd52dca.woff2
purchasealerts.visa.com/vca-web/static/media/ 40 KB
42 KB 498ms
483ms Font
font/woff2 104.18.24.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://purchasealerts.visa.com/vca-web/static/media/VisaDialectUI-Regular-Web.21d42f97c7c66cd52dca.woff2

Requested by

Host: purchasealerts.visa.com
URL: https://purchasealerts.visa.com/vca-web/static/css/main.4576daf1.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.24.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e96c7bded8692b1c8ab6094564872565d4e3df584eb983dca7ecb1a74fae3980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://purchasealerts.visa.com/vca-web/static/css/main.4576daf1.css
Origin: https://purchasealerts.visa.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:10:40 GMT
X-CORRELATION-ID: 1_1718755840_246_41_b2k8l73-6588685864-7n_VCA-WEB
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubdomains
CF-Cache-Status: MISS
X-Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Connection: keep-alive
Content-Length: 41064
X-XSS-Protection: 0
X-SERVED-BY: b2k8l73-6588685864-7n
Pragma: no-cache
Last-Modified: Tue, 21 May 2024 11:40:50 GMT
Server: cloudflare
ETag: W/"41064-1716291650000"
X-WebKit-CSP-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: font/woff2
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
CF-RAY: 895f4c1f6e6e9241-FRA
Expires: -1

GET
H/1.1 200
OK clear.png Show response
thm.visa.com/fp/ Frame 5385 0
398 B 15ms
14ms Script
text/javascript 91.235.133.72
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/clear.png?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae&jac=1&je=3b32303124246a646c3d3b2660646a3d3931363b353b6e6064313f3137653b363f60693d35366260333962693432693a2e6a6c7e6e353a3a3b343f383b2c706f356c6526626174737635273f482530386e677e6d6c2d38382f314b3b2c38382f30432f32387376617677732730322d334b2730326360617865636665273a3a2737442e617d666037636337603965366f36383b616b61693c663a6b376b333130313936313c346835633331373b3e603c6e38666e363a3e38303b326c6f366c3a316e6b6e3a343f392c657a333f61313161346d303f3b6738316c303d356c3b64666a386638383f61313a3c3e613a62676333633962267f63603d2f3d422d383269706b6a617e65617c777865253232253149273a38783a3c27303a2d324b2f383860637e6c6d7b7927323825394127323034342730322d3249273032627a616466792d30302d3b4325354a253f402d38326072636e642538322539432d32384d6f676d6c6d273a324b62726d65672f3232253243273a307e6f7271636d6c2d3a322d394b2f30383b303e2d3830253d442f3241253540253030627a6164662732322d334b27383a4c6d7c2d31414125427a63666e253032273243253832766f707b696564253a38253b432d303a3225303a273d4425324325354a273a3862706b6c662d3a322d394b2f3038496a7a67676b756725383227324127323074657a73636d6c25323a2539432f3a30333a3e2732322d374c273d4e253043273232667f6c6c5c677a7363656e4463737c273a302d3941273d402f3742253232607a63666e2530382731492d323a44657e27384c43214a78636e6e25383227324127323074657a73636d6c25323a2539432f3a303a26382c302e38253a302d3d442732412537422f32326870696e6e2f323a2f3349273a304b62726d656b7f6d25323225304b273a38766778716b6766253a382f39432f3830393a3c2c3024363e373a2e3433253030253f442f304125374a253830687a636c6c2d3032253b412d303a4d6f6d676e6525323a4368786d65652f38322d38432d303a746d78736b676c2f3232253341273a303938362c3a2c343c3f38263c3b2f30382f354c2d3f462538432f32306d6d60696e67253a322f3143666164736f27384b27303a656d646564253a302d39412732302532322f32432f303a70666b746e657265273a302d3941273a305d696e333225303a273a49253038726e697c666778675c6778796b67662f30322f334b25303233322e322c302d3238273043253a327d6d7d3e36273a3a2733416e6164716d2f37462677616c3d2f37422f303a62786b6e6c79253a302d31492f35402d354825323262726366662d3832273943273a3a4767656d66672f38324b60786d6d6f25383227324127323074657a73636d6c25323a2539432f3a30333a3e2732322d374c273a492535422732326278616e6e273a322f39412d3832466d7c273b4b412f4a706b6e64253232273a412d3832746f707161676e2d38382f314b2f303a302f30322f374e2530432735422730326a726b6c6625323a2539432f3a3041607a6d6d697d6d2d303a2f32412530327665787369656c2d32382f33492f323a333a342d3832273f462f3544253243273a306565626b6667273a3a253b4b6c6b6e796f273a4b2f30327a6c6b74646f706f253030253b412f3030576966333827383a27354c

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.72 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thm.visa.com/tags?org_id=bymvu9pn&session_id=_t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 19 Jun 2024 00:10:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=90
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 96c03034_panel-en-gb.js Show response
policy.cookiereports.com/ 99 KB
21 KB 52ms
13ms Script
application/javascript 34.107.253.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://policy.cookiereports.com/96c03034_panel-en-gb.js
Requested by: Host: purchasealerts.visa.com
URL: https://purchasealerts.visa.com/vca-web/static/js/main.8d204929.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.253.133 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 133.253.107.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: ec9e9f223734c3637c92f7852d0f7e8def7fddead95d8a3bc01ec860f530aca7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://purchasealerts.visa.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:10:39 GMT
content-encoding: gzip
via: 1.1 google
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200 en-US.json Show response
purchasealerts.visa.com/vca-web/locales/ 35 KB
10 KB 153ms
152ms Fetch
application/json 104.18.24.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://purchasealerts.visa.com/vca-web/locales/en-US.json

Requested by

Host: purchasealerts.visa.com
URL: https://purchasealerts.visa.com/vca-web/static/js/main.8d204929.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.24.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

301e57616035a393dd253c8ab46c64c7ffa25ce5ac57f0368ed372c7d3f1966c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://purchasealerts.visa.com/vca-web/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:10:40 GMT
X-CORRELATION-ID: 1_1718755840_013_49_b2k8l73-6588685864k_VCA-WEB
Content-Encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains
CF-Cache-Status: DYNAMIC
Transfer-Encoding: chunked
Connection: keep-alive
X-SERVED-BY: b2k8l73-6588685864k
Pragma: no-cache
Last-Modified: Tue, 21 May 2024 11:40:50 GMT
Server: cloudflare
ETag: W/"35687-1716291650000"
X-Frame-Options: DENY
Content-Type: application/json
Cache-Control: no-cache, no-store, must-revalidate
CF-RAY: 895f4c1f78171b35-FRA
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 en-US.json Show response
purchasealerts.visa.com/vca-web/locales/ 35 KB
10 KB 266ms
137ms Fetch
application/json 104.18.24.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://purchasealerts.visa.com/vca-web/locales/en-US.json

Requested by

Host: purchasealerts.visa.com
URL: https://purchasealerts.visa.com/vca-web/static/js/main.8d204929.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.24.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

301e57616035a393dd253c8ab46c64c7ffa25ce5ac57f0368ed372c7d3f1966c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://purchasealerts.visa.com/vca-web/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:10:40 GMT
X-CORRELATION-ID: 1_1718755840_147_58_b2k8l73-6588685864-7n_VCA-WEB
Content-Encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains
CF-Cache-Status: DYNAMIC
Transfer-Encoding: chunked
Connection: keep-alive
X-SERVED-BY: b2k8l73-6588685864-7n
Pragma: no-cache
Last-Modified: Tue, 21 May 2024 11:40:50 GMT
Server: cloudflare
ETag: W/"35687-1716291650000"
X-Frame-Options: DENY
Content-Type: application/json
Cache-Control: no-cache, no-store, must-revalidate
CF-RAY: 895f4c206d9a30db-FRA
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
policy.cookiereports.com/j/ 87 KB
30 KB 8ms
7ms Script
text/javascript 34.107.253.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://policy.cookiereports.com/j/jquery.min.js
Requested by: Host: policy.cookiereports.com
URL: https://policy.cookiereports.com/96c03034_panel-en-gb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.253.133 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 133.253.107.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://purchasealerts.visa.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:02:52 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 17 May 2021 11:55:14 GMT
server: Apache
age: 467
etag: "15d84-5c2854430b2e4-gzip"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30910

GET
H3 200 new-window-gold.svg
policy.cookiereports.com/i/visa/ 2 KB
2 KB 12ms
11ms Image
image/svg+xml 34.107.253.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://policy.cookiereports.com/i/visa/new-window-gold.svg
Requested by: Host: purchasealerts.visa.com
URL: https://purchasealerts.visa.com/vca-web/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.253.133 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 133.253.107.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d7a1298b26ab030556f43bfd890a3dde2cdf7ef61c85c93c775662cba24e3717

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://purchasealerts.visa.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 23:33:04 GMT
via: 1.1 google
last-modified: Tue, 07 Dec 2021 10:52:38 GMT
server: Apache
age: 2256
etag: "97a-5d28c2bf6f2a9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2426

GET
H3 200 white_trans_down_18px.png
policy.cookiereports.com/i/visa/ 762 B
782 B 11ms
10ms Image
image/png 34.107.253.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://policy.cookiereports.com/i/visa/white_trans_down_18px.png
Requested by: Host: purchasealerts.visa.com
URL: https://purchasealerts.visa.com/vca-web/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.253.133 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 133.253.107.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: ae7146fe6947c9f4043ad729faa948ac33d65a8ff7dee841c6951224bb5caa68

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://purchasealerts.visa.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 23:14:39 GMT
via: 1.1 google
last-modified: Sun, 08 Dec 2019 12:34:38 GMT
server: Apache
age: 3361
etag: "2fa-599308093c0d6"
vary: Accept-Encoding
content-type: image/png
cache-control: public,max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 762

GET
H/1.1 200
OK ARF;CIS3SID=BB1376181874B5A70785E81CDD8A71FB Show response
thm.visa.com/fp/ Frame 2F03 35 B
557 B 15ms
14ms Script
text/javascript 91.235.133.72
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/ARF;CIS3SID=BB1376181874B5A70785E81CDD8A71FB?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae&pageid=99998&sera_parametere=UEgFWlNXBwELBQVUUVtXUwUID1xUA1NQAwAHV1daWQYODQ0NB1BQUAoDUkRGEFwMWEhNTERHUiYXAiNHAidEVwZSS11bBwwHXEESRwYnRFJ0CB0Pc0dTUlpaEhZGRlIhEw96HQAmRwZbCFcBUwcHBAVdXFpSAFRRAQ1QWwRUWFwBDl0LU1dSUwMDVFICUVdTUlkeVlgMAgcPA1laDVQDBFQKDVlVVwIDVxMLEQhTGVAHXQ4IU1IHAwUMAFEMBldXV1kPWwIHAgdWAVIHBQBRVVVbCFwDUldEU1xcUAZaVkNfUQUVBkQRCw8MWFsMW0cNXQUeWgohCRBdWAREVxVcVAQOHlpYEVw1W1sFDUIQRwZUBUxcTT0CA15ZAwNWCEcAQgUMCQ%3D%3D&count=0&max=0

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js?&pageid=99998&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&org_id=bymvu9pn&nonce=68887bab25ab5cae

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.72 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

2b4f828dd9fb01cbcddace6e1d3e16562f416b2c127a3a316b1e032e0ade76fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thm.visa.com/fp/HP?session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&org_id=bymvu9pn&nonce=68887bab25ab5cae&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 19 Jun 2024 00:10:40 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=89
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
thm.visa.com/fp/ Frame 5385 0
398 B 13ms
13ms Script
text/javascript 91.235.133.72
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.72 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://thm.visa.com/tags?org_id=bymvu9pn&session_id=_t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 19 Jun 2024 00:10:40 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=88
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 favicon.ico
purchasealerts.visa.com/vca-web/ 15 KB
4 KB 362ms
362ms Other
image/x-icon 104.18.24.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://purchasealerts.visa.com/vca-web/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.24.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b94eed7fd22e90dd678761d0d2cdbea7f6a686005021fe340083a1e1ece3732a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://purchasealerts.visa.com/vca-web/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:10:40 GMT
X-CORRELATION-ID: 1_1718755840_704_54_b2k8l73-6588685864k_VCA-WEB
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubdomains
CF-Cache-Status: MISS
X-Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Content-Encoding: br
Transfer-Encoding: chunked
Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Connection: keep-alive
X-XSS-Protection: 0
X-SERVED-BY: b2k8l73-6588685864k
Pragma: no-cache
Last-Modified: Tue, 21 May 2024 11:40:50 GMT
Server: cloudflare
ETag: W/"15406-1716291650000"
X-WebKit-CSP-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/x-icon
Cache-Control: no-cache, no-store, must-revalidate
CF-RAY: 895f4c227f8d9241-FRA
Expires: -1

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 16ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8JYVQ0NH9R&gtm=45je46h0v9105463351za200zb72218540&_p=1718755838861&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1612008636.1718755839&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAE&_s=2&sid=1718755839&sct=1&seg=0&dl=https%3A%2F%2Fpurchasealerts.visa.com%2Fvca-web%2Flogin&dt=&en=scroll&epn.percent_scrolled=90&_et=11&tfd=6085&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-8JYVQ0NH9R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://purchasealerts.visa.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 00:10:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://purchasealerts.visa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
purchasealerts.visa.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: D347675B85B44274FB06C05C196E218A.70598443
purchasealerts.visa.com/	1970-01-21 06:11:31	Name: _did Value: JnbmXHH0Sbhh_zEQ1PjtY2EGdkNBjkXHefxuqqbdjBWn71eq1wIB3aiGkP8W6_mZExeQWC9wYQ0cIfg7h_HUIK1YEMShPQ_NESiT
.purchasealerts.visa.com/	1969-12-31 23:59:59	Name: __cfruid Value: 0e4045413315faff37db02a24cf5b1d3337452b8-1718755838
thm.visa.com/	1970-01-21 07:01:55	Name: thx_guid Value: c6d90b9acc4d2e5e20a15a913618fed0
thm.visa.com/	1970-01-21 07:01:55	Name: tmx_guid Value: AAxKC48sYeNHIn9oHE0I_t0udjdyRYk1AYu2W4lVYAuxomn7LGlSB0T3ZiETchQNZEGg56JwyyRMjmQKtNa0eS0vqs9kGw
.visa.com/	1970-01-20 21:27:22	Name: _gid Value: GA1.2.841711678.1718755839
.visa.com/	1970-01-20 21:25:55	Name: _gat_UA-61684798-11 Value: 1
.visa.com/	1970-01-21 07:01:55	Name: _ga Value: GA1.1.1612008636.1718755839
.visa.com/	1970-01-21 07:01:55	Name: _ga_8JYVQ0NH9R Value: GS1.1.1718755839.1.0.1718755839.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://thm.visa.com/tags?org_id=bymvu9pn&session_id=_t35CwPGf0LdOWg50yUO6OYcv9MB4tIPXW8ZTBAbeqaZDQzvLqKnPhZpiWY2HzU7MrKqUEpEgxGMnAVKgFyIDMjJ_vjogmLzS5na Message: Refused to execute script from 'https://h64.online-metrix.net/fp/clear.png?org_id=bymvu9pn&session_id=_t35cwpgf0ldowg50yuo6oycv9mb4tipxw8ztbabeqazdqzvlqknphzpiwy2hzu7mrkquepegxgmnavkgfyidmjj_vjogmlzs5na&nonce=68887bab25ab5cae&i=2' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
recommendation	verbose	URL: https://purchasealerts.visa.com/vca-web/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bymvu9pnc67l7ajjz5usui77kpkk275zv5y6ltnp68887bab25ab5caeam1.e.aa.online-metrix.net
h.online-metrix.net
h64.online-metrix.net
policy.cookiereports.com
purchasealerts.visa.com
region1.google-analytics.com
thm.visa.com
www.google-analytics.com
www.googletagmanager.com
104.18.24.178
2001:4860:4802:32::36
2620:f3:0:14:b401:8ee8:4321:ad82
2a00:1450:4001:811::200e
2a00:1450:4001:82f::2008
34.107.253.133
91.235.132.130
91.235.133.72
91.235.134.131
033861e2ae7eedb5538a51aaff3affe302df9e8328b4727459c80c296de67ddf
0f110c264cb2562120ab83c4b59d0d52ccdc7e7407f5c052967feb3aca6e06e5
1b41e7ac5502329f4fafd805fcb2aac76c7e1d48d0dfdc2ec8635ac20760b13e
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
272ac4d4df6b95adcdec517a7db749eccb6599e680e51b3fa0b258ad18a6a849
274294a7d8d3c35db0578613332c25b5eeba42177dc7d2e1661ffaf03848789f
2aa1b25d0483d97e614f913e40377c41bb091f25a03d35bcd1a8e1f589e35346
2b4f828dd9fb01cbcddace6e1d3e16562f416b2c127a3a316b1e032e0ade76fc
301e57616035a393dd253c8ab46c64c7ffa25ce5ac57f0368ed372c7d3f1966c
527e00aa3d82d7f8e9befa8594799a6702e5517c059bee0d7312aebdb2728a98
60678c98a628a19de9221798a2ae180a568db7dfa2cfa353ef03b9596b33813c
639735efc1e92e129500260c1db9c0583e3d1fa63a79ee20c392949e6ab449f3
6dbbf65eed86fbf730ca192bba59874d60daff4b6341d79e1ab7f8fc30207a7b
7aa1fe1d7d695ef71be75276c6e0339ff6e70346bcbc52d8f38a0afb73699b86
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
957527f5006473390d8305ee3e6ab122156f05636df755268c732b5c0aef6628
a0513199120cf8d224f5d700a2298f6a12e2a128bb9ef8e84036d14f4d5b7643
a52f6de99b0188175ed2d99903e39c898783aa7b0b723bcc2c34f9eba33e0640
ae7146fe6947c9f4043ad729faa948ac33d65a8ff7dee841c6951224bb5caa68
b94eed7fd22e90dd678761d0d2cdbea7f6a686005021fe340083a1e1ece3732a
cb196b7e9ad5b68cea0aac5d5dba03945f122ea3ea23e5f85161dbd5150e2f10
ce3e8e2c5c4bf913c4428b4224be295473a6f974a41a87634004abed20c6329f
d6cc8939e3f1c0e747d7dd077173347572baa6e5a1f4cd21b332c52aca09215d
d7a1298b26ab030556f43bfd890a3dde2cdf7ef61c85c93c775662cba24e3717
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96c7bded8692b1c8ab6094564872565d4e3df584eb983dca7ecb1a74fae3980
ec9e9f223734c3637c92f7852d0f7e8def7fddead95d8a3bc01ec860f530aca7
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

purchasealerts.visa.com Open in urlscan Pro 104.18.24.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

44 %IPv6

5 Domains

9 Subdomains

9 IPs

3 Countries

1207 kBTransfer

5091 kBSize

9 Cookies

6 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

purchasealerts.visa.com Open in urlscan Pro
104.18.24.178 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

44 %
IPv6

5
Domains

9
Subdomains

9
IPs

3
Countries

1207 kB
Transfer

5091 kB
Size

9
Cookies

44 HTTP transactions
0 data transactions