urlscan.io logo urlscan.io
SecurityTrails logo

giftprepaid.mastercard.com Open in urlscan Pro
216.119.218.174  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://giftprepaid.mastercard.com/
Effective URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Submission: On August 16 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 24 HTTP transactions. The main IP is 216.119.218.174, located in O'Fallon, United States and belongs to MASTER-7-AS, US. The main domain is giftprepaid.mastercard.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on October 5th 2022. Valid for: a year.
This is the only time giftprepaid.mastercard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 13 216.119.218.174 26380 (MASTER-7-AS)
2 2a00:1450:400... 15169 (GOOGLE)
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
24 5
Apex Domain
Subdomains		 Transfer
13 mastercard.com
giftprepaid.mastercard.com
279 KB
9 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 406
180 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
1 KB
1 gstatic.com
www.gstatic.com
182 KB
0 onetrust.com Failed
geolocation.onetrust.com Failed
24 5
Domain Requested by
13 giftprepaid.mastercard.com 2 redirects giftprepaid.mastercard.com
9 cdn.cookielaw.org giftprepaid.mastercard.com
cdn.cookielaw.org
2 www.google.com giftprepaid.mastercard.com
1 www.gstatic.com www.google.com
0 geolocation.onetrust.com Failed cdn.cookielaw.org
24 5

This site contains links to these domains. Also see Links.

Domain
www.onetrust.com
Subject Issuer Validity Valid
giftprepaid.mastercard.com
Entrust Certification Authority - L1K		 2022-10-05 -
2023-10-05		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Frame ID: 3BEF03C39BB1912D4017638260DAE8B1
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Israel Post Gift Card| My Account | Register or login Back ButtonFilter Button

Page URL History Show full URLs

  1. https://giftprepaid.mastercard.com/ HTTP 302
    https://giftprepaid.mastercard.com/myaccount/ HTTP 302
    https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

24
Requests

96 %
HTTPS

75 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

639 kB
Transfer

1807 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://giftprepaid.mastercard.com/ HTTP 302
    https://giftprepaid.mastercard.com/myaccount/ HTTP 302
    https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request register-card
giftprepaid.mastercard.com/
Redirect Chain
  • https://giftprepaid.mastercard.com/
  • https://giftprepaid.mastercard.com/myaccount/
  • https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
41 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 O'Fallon, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
travel.cashpassport.com
Software
/
Resource Hash
ded2657451ac8c376fc717dd343e5bd13a6bc5b1c5b6644a53312969cfc86d00
Security Headers
Name Value
Content-Security-Policy style-src fonts.googleapis.com 'unsafe-inline' 'self';script-src https://itunes.apple.com https://cdn.cookielaw.org https://geolocation.onetrust.com/ https://www.google-analytics.com https://privacyportal.onetrust.com https://www.google-analytics.com https://smetrics.mastercard.com *.adobedtm.com https://mastercard.tt.omtrdc.net https://dpm.demdex.net https://cdn.walkme.com www.assets.adobedtm.com https://www.google.com/ www.googletagmanager.com www.google.com www.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval';frame-src *;img-src https://cdn.cookielaw.org https://www.mastercard.us https://www.googletagmanager.com https://smetrics.mastercard.com https://www.google-analytics.com 'self' data:;font-src fonts.gstatic.com 'unsafe-inline' data: 'self';default-src *.smetrics.mastercard.com *.adobedtm.com www.google.com https://cdn.cookielaw.org https://privacyportal.onetrust.com https://mastercard.tt.omtrdc.net https://dpm.demdex.net https://cdn.walkme.com *.assets.adobedtm.com *.googletagmanager.com https://www.google-analytics.com 'self' data:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Content-Length
10623
Content-Security-Policy
style-src fonts.googleapis.com 'unsafe-inline' 'self';script-src https://itunes.apple.com https://cdn.cookielaw.org https://geolocation.onetrust.com/ https://www.google-analytics.com https://privacyportal.onetrust.com https://www.google-analytics.com https://smetrics.mastercard.com *.adobedtm.com https://mastercard.tt.omtrdc.net https://dpm.demdex.net https://cdn.walkme.com www.assets.adobedtm.com https://www.google.com/ www.googletagmanager.com www.google.com www.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval';frame-src *;img-src https://cdn.cookielaw.org https://www.mastercard.us https://www.googletagmanager.com https://smetrics.mastercard.com https://www.google-analytics.com 'self' data:;font-src fonts.gstatic.com 'unsafe-inline' data: 'self';default-src *.smetrics.mastercard.com *.adobedtm.com www.google.com https://cdn.cookielaw.org https://privacyportal.onetrust.com https://mastercard.tt.omtrdc.net https://dpm.demdex.net https://cdn.walkme.com *.assets.adobedtm.com *.googletagmanager.com https://www.google-analytics.com 'self' data:;
Content-Type
text/html; charset=utf-8
Date
Wed, 16 Aug 2023 17:40:09 GMT
Expires
-1
Pragma
no-cache
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
private
Content-Security-Policy
style-src fonts.googleapis.com 'unsafe-inline' 'self';script-src https://itunes.apple.com https://cdn.cookielaw.org https://geolocation.onetrust.com/ https://www.google-analytics.com https://privacyportal.onetrust.com https://www.google-analytics.com https://smetrics.mastercard.com *.adobedtm.com https://mastercard.tt.omtrdc.net https://dpm.demdex.net https://cdn.walkme.com www.assets.adobedtm.com https://www.google.com/ www.googletagmanager.com www.google.com www.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval';frame-src *;img-src https://cdn.cookielaw.org https://www.mastercard.us https://www.googletagmanager.com https://smetrics.mastercard.com https://www.google-analytics.com 'self' data:;font-src fonts.gstatic.com 'unsafe-inline' data: 'self';default-src *.smetrics.mastercard.com *.adobedtm.com www.google.com https://cdn.cookielaw.org https://privacyportal.onetrust.com https://mastercard.tt.omtrdc.net https://dpm.demdex.net https://cdn.walkme.com *.assets.adobedtm.com *.googletagmanager.com https://www.google-analytics.com 'self' data:;
Content-Type
text/html; charset=utf-8
Date
Wed, 16 Aug 2023 17:40:09 GMT
Location
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Server
Microsoft-IIS/8.5
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
main.css
giftprepaid.mastercard.com/themes/GiftCards/css/ 		105 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://giftprepaid.mastercard.com/themes/GiftCards/css/main.css?v=1.0.8518.28675
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 O'Fallon, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
travel.cashpassport.com
Software
/
Resource Hash
dd7b97ab0d56da77ece6134da303029004acbe06ce9da3c1cfc81685068a84e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 16 Aug 2023 17:40:09 GMT
Last-Modified
Mon, 29 May 2023 11:12:19 GMT
ETag
"c57bf96e1e92d91:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
24937
X-XSS-Protection
1; mode=block
israelpostoverride-gift.css
giftprepaid.mastercard.com/media/228115/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://giftprepaid.mastercard.com/media/228115/israelpostoverride-gift.css
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 O'Fallon, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
travel.cashpassport.com
Software
/
Resource Hash
5e70046b9b15bc27a865b62e28bfd025c5497bfd6be7127524182f74960b323b
Security Headers
Name Value
Content-Security-Policy style-src ajax.aspnetcdn.com hello.myfonts.net 'unsafe-inline' 'self'; script-src *.serving-sys.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com ajax.aspnetcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src cardholder.mastercardworldwide.com mtf.cardholder.mastercardworldwide.com *.fls.doubleclick.net www.youtube.com ct1.addthis.com *.vixverify.com *.edentiti.com 'self'; img-src www.gravatar.com www.google-analytics.com 'self' data:; font-src 'self'; default-src 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Security-Policy
style-src ajax.aspnetcdn.com hello.myfonts.net 'unsafe-inline' 'self'; script-src *.serving-sys.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com ajax.aspnetcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src cardholder.mastercardworldwide.com mtf.cardholder.mastercardworldwide.com *.fls.doubleclick.net www.youtube.com ct1.addthis.com *.vixverify.com *.edentiti.com 'self'; img-src www.gravatar.com www.google-analytics.com 'self' data:; font-src 'self'; default-src 'self';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 28 May 2021 08:24:06 GMT
Date
Wed, 16 Aug 2023 17:40:10 GMT
ETag
"1afd48d39a53d71:0"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1042
X-XSS-Protection
1; mode=block
api.js
www.google.com/recaptcha/ 		850 B
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
45a66a05249a9a90553e6173c2b862904c26c181a906ff76408b39c3ba7eb572
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giftprepaid.mastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 17:40:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
557
x-xss-protection
1; mode=block
expires
Wed, 16 Aug 2023 17:40:10 GMT
jquery-3.6.0.min.js
giftprepaid.mastercard.com/themes/CPP-Base/scripts/ 		87 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://giftprepaid.mastercard.com/themes/CPP-Base/scripts/jquery-3.6.0.min.js?v=1.0.8518.28675
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 O'Fallon, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
travel.cashpassport.com
Software
/
Resource Hash
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 16 Aug 2023 17:40:10 GMT
Last-Modified
Mon, 29 May 2023 11:12:12 GMT
ETag
"def52a6b1e92d91:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
39756
X-XSS-Protection
1; mode=block
angular.min.js
giftprepaid.mastercard.com/scripts/ 		164 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://giftprepaid.mastercard.com/scripts/angular.min.js?v=1.0.8518.28675
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 O'Fallon, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
travel.cashpassport.com
Software
/
Resource Hash
64e327b8fae7a4714dd9b5205e2e665f513baa4ea29d642d1864e78ecf9745da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 16 Aug 2023 17:40:10 GMT
Last-Modified
Wed, 17 Aug 2022 14:30:42 GMT
ETag
"0d5d3ed45b2d81:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
58736
X-XSS-Protection
1; mode=block
angular-messages.min.js
giftprepaid.mastercard.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://giftprepaid.mastercard.com/scripts/angular-messages.min.js?v=1.0.8518.28675
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 O'Fallon, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
travel.cashpassport.com
Software
/
Resource Hash
7d3a06eec2af5172c323d5a496c365aabca93974f92f691be6d3f6e6517d70dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 16 Aug 2023 17:40:10 GMT
Last-Modified
Wed, 17 Aug 2022 14:30:42 GMT
ETag
"0d5d3ed45b2d81:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1471
X-XSS-Protection
1; mode=block
angular-recaptcha.js
giftprepaid.mastercard.com/themes/GiftCards/scripts/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://giftprepaid.mastercard.com/themes/GiftCards/scripts/angular-recaptcha.js?v=1.0.8518.28675
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 O'Fallon, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
travel.cashpassport.com
Software
/
Resource Hash
35720c2e2492e2e8d498ec590595e47acbdbeaddd2c387c5a880a60d445b514f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 16 Aug 2023 17:40:10 GMT
Last-Modified
Mon, 29 May 2023 11:12:19 GMT
ETag
"8fb4156f1e92d91:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
4021
X-XSS-Protection
1; mode=block
app.js
giftprepaid.mastercard.com/themes/GiftCards/scripts/ 		176 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://giftprepaid.mastercard.com/themes/GiftCards/scripts/app.js?v=1.0.8518.28675
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 O'Fallon, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
travel.cashpassport.com
Software
/
Resource Hash
ce71029d0d57d2518d59f93691d84f7e46c3b1d7d9d2c8427f6c8bd076034015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 16 Aug 2023 17:40:10 GMT
Last-Modified
Mon, 29 May 2023 11:12:19 GMT
ETag
"a2dc246f1e92d91:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
35031
X-XSS-Protection
1; mode=block
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giftprepaid.mastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Aug 2023 17:40:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
X1C0PY0lSDg1JSpsyFxfYA==
age
45784
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6837
x-ms-lease-status
unlocked
last-modified
Mon, 14 Aug 2023 19:30:13 GMT
server
cloudflare
etag
0x8DB9CFCE1B0A3F4
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c10ab92e-c01e-0030-25e8-ce874c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f7b75fc19314d97-FRA
140x50.jpg
giftprepaid.mastercard.com/media/228096/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://giftprepaid.mastercard.com/media/228096/140x50.jpg
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 O'Fallon, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
travel.cashpassport.com
Software
/
Resource Hash
f5f357efdc555f345793169bad3f74fc45c7e429ea7cbba389db4df2c0ba42dd
Security Headers
Name Value
Content-Security-Policy style-src ajax.aspnetcdn.com hello.myfonts.net 'unsafe-inline' 'self'; script-src *.serving-sys.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com ajax.aspnetcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src cardholder.mastercardworldwide.com mtf.cardholder.mastercardworldwide.com *.fls.doubleclick.net www.youtube.com ct1.addthis.com *.vixverify.com *.edentiti.com 'self'; img-src www.gravatar.com www.google-analytics.com 'self' data:; font-src 'self'; default-src 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Security-Policy
style-src ajax.aspnetcdn.com hello.myfonts.net 'unsafe-inline' 'self'; script-src *.serving-sys.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com ajax.aspnetcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src cardholder.mastercardworldwide.com mtf.cardholder.mastercardworldwide.com *.fls.doubleclick.net www.youtube.com ct1.addthis.com *.vixverify.com *.edentiti.com 'self'; img-src www.gravatar.com www.google-analytics.com 'self' data:; font-src 'self'; default-src 'self';
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Date
Wed, 16 Aug 2023 17:40:10 GMT
Last-Modified
Sat, 08 May 2021 08:13:27 GMT
ETag
"2d7c2f6e243d71:0"
X-Frame-Options
DENY
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
4348
X-XSS-Protection
1; mode=block
567692_il_israel_post_giftcardplus_ils_card_r4_338x230px.png
giftprepaid.mastercard.com/media/228124/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://giftprepaid.mastercard.com/media/228124/567692_il_israel_post_giftcardplus_ils_card_r4_338x230px.png
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 O'Fallon, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
travel.cashpassport.com
Software
/
Resource Hash
2c3b869d0bcf3bd4fc283f7c9c0ca48d7e1261dd740903ebfd5229ddf958c70f
Security Headers
Name Value
Content-Security-Policy style-src ajax.aspnetcdn.com hello.myfonts.net 'unsafe-inline' 'self'; script-src *.serving-sys.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com ajax.aspnetcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src cardholder.mastercardworldwide.com mtf.cardholder.mastercardworldwide.com *.fls.doubleclick.net www.youtube.com ct1.addthis.com *.vixverify.com *.edentiti.com 'self'; img-src www.gravatar.com www.google-analytics.com 'self' data:; font-src 'self'; default-src 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Security-Policy
style-src ajax.aspnetcdn.com hello.myfonts.net 'unsafe-inline' 'self'; script-src *.serving-sys.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com ajax.aspnetcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src cardholder.mastercardworldwide.com mtf.cardholder.mastercardworldwide.com *.fls.doubleclick.net www.youtube.com ct1.addthis.com *.vixverify.com *.edentiti.com 'self'; img-src www.gravatar.com www.google-analytics.com 'self' data:; font-src 'self'; default-src 'self';
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Date
Wed, 16 Aug 2023 17:40:10 GMT
Last-Modified
Fri, 18 Jun 2021 03:34:19 GMT
ETag
"6754bd2f263d71:0"
X-Frame-Options
DENY
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
89884
X-XSS-Protection
1; mode=block
recaptcha__de.js
www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/ 		453 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6a162cb53d79e0ee3a6d020bc72c80cde5644ffbeb9913b96c3c4833a4a65d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://giftprepaid.mastercard.com/
Origin
https://giftprepaid.mastercard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 05:50:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186041
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 14:49:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 05:50:12 GMT
513f08f8-f498-4f9b-9b01-e9388016ced8.json
cdn.cookielaw.org/consent/513f08f8-f498-4f9b-9b01-e9388016ced8/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/513f08f8-f498-4f9b-9b01-e9388016ced8/513f08f8-f498-4f9b-9b01-e9388016ced8.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db8b6614ac88acd985bcaca399fe98c2e6d95a6a63ab6f17e8294a8ea6c8aa69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giftprepaid.mastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Aug 2023 17:40:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
76386
content-md5
f4MvnvQwF161efH/PNosFw==
content-length
2541
x-ms-lease-status
unlocked
last-modified
Mon, 27 Feb 2023 07:24:02 GMT
server
cloudflare
etag
0x8DB189399AF5556
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ab0f6baa-c01e-00a5-45e1-5ae3ff000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f7b75ff5b8e30c6-FRA
expires
Thu, 17 Aug 2023 17:40:10 GMT
api.js
www.google.com/recaptcha/ 		915 B
652 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=vcRecaptchaApiLoaded&render=explicit
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/themes/GiftCards/scripts/angular-recaptcha.js?v=1.0.8518.28675
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f225ea108aeadf98cb112cbece1af8f58cb5d23aecc0a34cb324df8af5710ab9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giftprepaid.mastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 17:40:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
583
x-xss-protection
1; mode=block
expires
Wed, 16 Aug 2023 17:40:10 GMT
question-mark-white.svg
giftprepaid.mastercard.com/themes/GiftCards/images/ 		1016 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://giftprepaid.mastercard.com/themes/GiftCards/images/question-mark-white.svg
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/themes/GiftCards/css/main.css?v=1.0.8518.28675
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 O'Fallon, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
travel.cashpassport.com
Software
/
Resource Hash
0db1a5922723968cc17455fc2ce914de73a24bb494e5d6a718e84aea9e672b38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giftprepaid.mastercard.com/themes/GiftCards/css/main.css?v=1.0.8518.28675
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Wed, 16 Aug 2023 17:40:10 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 19 Dec 2022 01:14:44 GMT
ETag
"05a10474713d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1016
X-XSS-Protection
1; mode=block
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		0
0
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202301.2.0/ 		402 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202301.2.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fa90c9e195798597245f53e9dc98259304276626836677ffaf0f9fa18f9a189
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giftprepaid.mastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Aug 2023 17:40:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
0jjE9bRWjdK9YwiQScw/ZQ==
age
39739
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
98329
x-ms-lease-status
unlocked
last-modified
Fri, 17 Feb 2023 03:39:10 GMT
server
cloudflare
etag
0x8DB1098882046FE
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1e339f56-601e-0002-34fd-9ada1c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f7b75ffadb54d97-FRA
en.json
cdn.cookielaw.org/consent/513f08f8-f498-4f9b-9b01-e9388016ced8/d75e9be3-a051-4571-8005-756a35f94751/ 		115 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/513f08f8-f498-4f9b-9b01-e9388016ced8/d75e9be3-a051-4571-8005-756a35f94751/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac76725ecabf3fb70f70d342c97ae4ea05b66d25f8e3a489c784f4ae032475b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giftprepaid.mastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Aug 2023 17:40:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
76385
content-md5
ys4NTfAjfkm11KoY3p09Aw==
content-length
23238
x-ms-lease-status
unlocked
last-modified
Mon, 27 Feb 2023 07:24:14 GMT
server
cloudflare
etag
0x8DB1893A14AF678
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6a1a6fd0-f01e-002e-33cd-c05821000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f7b76002cb130c6-FRA
expires
Thu, 17 Aug 2023 17:40:10 GMT
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/202301.2.0/assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202301.2.0/assets/otCenterRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4f86e9ccc5e942b4003bd9fed721d599fdeb7bcc1a2db63a95cba24de5f828
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giftprepaid.mastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Aug 2023 17:40:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
3j6krUd8tta5DgtKf9NJpg==
age
76385
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2639
x-ms-lease-status
unlocked
last-modified
Fri, 17 Feb 2023 03:39:04 GMT
server
cloudflare
etag
0x8DB1098846D14B4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
f7970e22-001e-013f-3ae1-5a296f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f7b76007d7030c6-FRA
otPcTab.json
cdn.cookielaw.org/scripttemplates/202301.2.0/assets/ 		58 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202301.2.0/assets/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3643f6193682615c1678d055db613815f61ce8983bb1e877ecb4e40d8f2709eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giftprepaid.mastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Aug 2023 17:40:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/i7E8EnJXCkHT2ysBIUogw==
age
76385
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14396
x-ms-lease-status
unlocked
last-modified
Fri, 17 Feb 2023 03:39:05 GMT
server
cloudflare
etag
0x8DB109884F7B4CC
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
8fbd55c5-001e-00b3-14e1-5a2261000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f7b76007d7230c6-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202301.2.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202301.2.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giftprepaid.mastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Aug 2023 17:40:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
XcxlleAcPGO2n5kTZrHH2Q==
age
76385
x-ms-lease-status
unlocked
last-modified
Fri, 17 Feb 2023 03:39:15 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
4b38383a-d01e-0076-28e1-5a5c5a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7f7b76007d7330c6-FRA
MicrosoftTeams-image.png
cdn.cookielaw.org/logos/1df3f1e6-52a6-46c4-b5a1-0e035b09a859/c8f0ae6e-550f-49f2-bf8d-e209a37a96a7/2dc2e77e-31c9-4bf6-b310-d14722cbe9b4/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/1df3f1e6-52a6-46c4-b5a1-0e035b09a859/c8f0ae6e-550f-49f2-bf8d-e209a37a96a7/2dc2e77e-31c9-4bf6-b310-d14722cbe9b4/MicrosoftTeams-image.png
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10093f0ee507eae35e46a2ebce9f933841464f274cb782d8066e2f01735b4995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giftprepaid.mastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Aug 2023 17:40:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YsPa/NN61DiHrQPq6iAFeQ==
age
26889
content-length
27570
x-ms-lease-status
unlocked
last-modified
Tue, 17 Jan 2023 07:55:47 GMT
server
cloudflare
etag
0x8DAF8603E619142
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
5c63fc69-c01e-016d-09e1-5a349d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f7b7600def64d97-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://giftprepaid.mastercard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Aug 2023 17:40:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
45783
x-ms-lease-status
unlocked
last-modified
Mon, 14 Aug 2023 19:30:20 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
3a5623f4-b01e-0093-2ea3-cfe289000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7f7b7600defc4d97-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
geolocation.onetrust.com
URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| $ function| jQuery object| angular object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| gc function| __extends object| OneTrustStub function| OptanonWrapper object| page_url string| urlparam object| urlSplit function| setCookieUser object| di object| vcRecaptchaApiLoadedCallback function| vcRecaptchaApiLoaded string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| recaptcha object| Optanon object| OneTrust

6 Cookies

Domain/Path Name / Value
.giftprepaid.mastercard.com/israelpost-gift Name: OptanonConsent
Value: hosts=&datestamp=Wed+Aug+16+2023+19%3A40%3A11+GMT%2B0200+(Central+European+Summer+Time)&version=202301.2.0
giftprepaid.mastercard.com/ Name: ASP.NET_SessionId
Value: yrdwhmsr4p5i2vihd1ulwntz
giftprepaid.mastercard.com/ Name: TS0110f040
Value: 0129c5f8e10acaa5ff540ef07d746f4b521bff01d87e42c45756488c43388466022371420b2429534af541acc86736f4cc3fe8e18200319019deb08e63407592ec842083d8
giftprepaid.mastercard.com/ Name: LanguageCookie
Value: en-US
giftprepaid.mastercard.com/ Name: BIGipServerjapan-ecomm-https-pool
Value: !lZyeOIgMaWk6KisAY/dn0NkjwGmU+rrguZdwRpJl7i0qNEegEnqk6wwvsPlqFZaAfpw2D3IT/Ocdyw==
giftprepaid.mastercard.com/ Name: ILBSESSION
Value: !4fpAhJRAW8kcjBqjuDabzbQPocOA65ySuJQNUJHyoSD9Zo3hij62QAKKhSVu4gGl5kDw6m0uIivBqQ==

1 Console Messages

Source Level URL
Text
security error URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Message:
Refused to connect to 'https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location' because it violates the following Content Security Policy directive: "default-src *.smetrics.mastercard.com *.adobedtm.com www.google.com https://cdn.cookielaw.org https://privacyportal.onetrust.com https://mastercard.tt.omtrdc.net https://dpm.demdex.net https://cdn.walkme.com *.assets.adobedtm.com *.googletagmanager.com https://www.google-analytics.com 'self' data:". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy style-src fonts.googleapis.com 'unsafe-inline' 'self';script-src https://itunes.apple.com https://cdn.cookielaw.org https://geolocation.onetrust.com/ https://www.google-analytics.com https://privacyportal.onetrust.com https://www.google-analytics.com https://smetrics.mastercard.com *.adobedtm.com https://mastercard.tt.omtrdc.net https://dpm.demdex.net https://cdn.walkme.com www.assets.adobedtm.com https://www.google.com/ www.googletagmanager.com www.google.com www.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval';frame-src *;img-src https://cdn.cookielaw.org https://www.mastercard.us https://www.googletagmanager.com https://smetrics.mastercard.com https://www.google-analytics.com 'self' data:;font-src fonts.gstatic.com 'unsafe-inline' data: 'self';default-src *.smetrics.mastercard.com *.adobedtm.com www.google.com https://cdn.cookielaw.org https://privacyportal.onetrust.com https://mastercard.tt.omtrdc.net https://dpm.demdex.net https://cdn.walkme.com *.assets.adobedtm.com *.googletagmanager.com https://www.google-analytics.com 'self' data:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
geolocation.onetrust.com
giftprepaid.mastercard.com
www.google.com
www.gstatic.com
geolocation.onetrust.com
216.119.218.174
2606:4700::6812:a972
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2004
0db1a5922723968cc17455fc2ce914de73a24bb494e5d6a718e84aea9e672b38
0fa90c9e195798597245f53e9dc98259304276626836677ffaf0f9fa18f9a189
10093f0ee507eae35e46a2ebce9f933841464f274cb782d8066e2f01735b4995
2c3b869d0bcf3bd4fc283f7c9c0ca48d7e1261dd740903ebfd5229ddf958c70f
35720c2e2492e2e8d498ec590595e47acbdbeaddd2c387c5a880a60d445b514f
3643f6193682615c1678d055db613815f61ce8983bb1e877ecb4e40d8f2709eb
3c4f86e9ccc5e942b4003bd9fed721d599fdeb7bcc1a2db63a95cba24de5f828
45a66a05249a9a90553e6173c2b862904c26c181a906ff76408b39c3ba7eb572
5e70046b9b15bc27a865b62e28bfd025c5497bfd6be7127524182f74960b323b
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
64e327b8fae7a4714dd9b5205e2e665f513baa4ea29d642d1864e78ecf9745da
7d3a06eec2af5172c323d5a496c365aabca93974f92f691be6d3f6e6517d70dd
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
ac76725ecabf3fb70f70d342c97ae4ea05b66d25f8e3a489c784f4ae032475b8
b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513
ce71029d0d57d2518d59f93691d84f7e46c3b1d7d9d2c8427f6c8bd076034015
db8b6614ac88acd985bcaca399fe98c2e6d95a6a63ab6f17e8294a8ea6c8aa69
dd7b97ab0d56da77ece6134da303029004acbe06ce9da3c1cfc81685068a84e6
ded2657451ac8c376fc717dd343e5bd13a6bc5b1c5b6644a53312969cfc86d00
e6a162cb53d79e0ee3a6d020bc72c80cde5644ffbeb9913b96c3c4833a4a65d6
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
f225ea108aeadf98cb112cbece1af8f58cb5d23aecc0a34cb324df8af5710ab9
f5f357efdc555f345793169bad3f74fc45c7e429ea7cbba389db4df2c0ba42dd