mastercard.ai Open in urlscan Pro
185.199.109.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mastercard.ai/
Submission: On July 20 via automatic, source certstream-suspicious (July 20th 2023, 9:18:54 am UTC) — Scanned from DE

Summary HTTP 40 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 21 domains to perform 40 HTTP transactions. The main IP is 185.199.109.153, located in San Francisco, United States and belongs to FASTLY, US. The main domain is mastercard.ai.
TLS certificate: Issued by R3 on July 20th 2023. Valid for: 3 months.

This is the only time mastercard.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.199.109.153 185.199.109.153	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.66.200.220 185.66.200.220	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1 7	185.66.200.221 185.66.200.221	201702 (SKHOSTING-EU) (SKHOSTING-EU)
6	45.133.44.52 45.133.44.52	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	45.133.44.53 45.133.44.53	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	157.90.84.242 157.90.84.242	24940 (HETZNER-AS) (HETZNER-AS)
1	94.130.198.6 94.130.198.6	24940 (HETZNER-AS) (HETZNER-AS)
4	2a01:4f8:252:... 2a01:4f8:252:561a::2	24940 (HETZNER-AS) (HETZNER-AS)
2 3	2a00:1450:400... 2a00:1450:4001:810::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	185.66.201.58 185.66.201.58	201702 (SKHOSTING-EU) (SKHOSTING-EU)
2	88.198.200.20 88.198.200.20	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a00:1630:771... 2a00:1630:771::12	49544 (I3DNET) (I3DNET)
2	5.200.15.239 5.200.15.239	49544 (I3DNET) (I3DNET)
1	185.66.201.7 185.66.201.7	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	65.60.9.235 65.60.9.235	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
40	19

1 185.199.109.153 (San Francisco, United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-109-153.github.com

mastercard.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.66.200.220 (Slovakia) 2 redirects

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.220.skhosting.eu

vdbaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.66.200.221 (Slovakia) 1 redirects

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.221.skhosting.eu

yx-tr-val.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.133.44.52 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

26b1d20dfe.0008d6ba2e.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.capndr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

a757fa57e7.5cb068fb21.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.198.6 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.6.198.130.94.clients.your-server.de

nereserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:4f8:252:561a::2 (Germany)

ASN24940 (HETZNER-AS, DE)

49b2837491.589aa99d18.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200d (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.201.58 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.58.skhosting.eu

namel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.200.20 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-200-20.clients.your-server.de

static.bookmsg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1630:771::12 (Rotterdam, Netherlands) 1 redirects

ASN49544 (I3DNET, NL)

eu.doctorpost.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.200.15.239 (Rotterdam, Netherlands)

ASN49544 (I3DNET, NL)

cdn.adx1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.201.7 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.7.skhosting.eu

ofaba.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

adtrace.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.60.9.235 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

us-1.rwe-twe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3 accounts.google.com — Cisco Umbrella Rank: 59	50 KB
7	yx-tr-val.com 1 redirects yx-tr-val.com	135 KB
4	589aa99d18.com 49b2837491.589aa99d18.com	21 KB
4	0008d6ba2e.com 26b1d20dfe.0008d6ba2e.com	198 KB
3	gstatic.com www.gstatic.com	372 KB
2	rwe-twe.com us-1.rwe-twe.com	3 KB
2	adx1.com cdn.adx1.com — Cisco Umbrella Rank: 16239	121 KB
2	bookmsg.com static.bookmsg.com — Cisco Umbrella Rank: 36246	2 KB
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 36237	401 B
2	vdbaa.com 2 redirects vdbaa.com	1 KB
1	adtrace.online adtrace.online — Cisco Umbrella Rank: 35315	467 B
1	ofaba.live ofaba.live	314 B
1	doctorpost.net 1 redirects eu.doctorpost.net — Cisco Umbrella Rank: 34157	101 B
1	namel.net namel.net	686 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	1 KB
1	nereserv.com nereserv.com — Cisco Umbrella Rank: 33553	201 B
1	5cb068fb21.com a757fa57e7.5cb068fb21.com	207 B
1	capndr.com js.capndr.com — Cisco Umbrella Rank: 69579	238 B
1	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 14028	825 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 920	22 KB
1	mastercard.ai mastercard.ai	6 KB
40	21

	Domain	Requested by
7	yx-tr-val.com	1 redirects mastercard.ai yx-tr-val.com
4	49b2837491.589aa99d18.com	26b1d20dfe.0008d6ba2e.com
4	www.google.com	yx-tr-val.com www.gstatic.com www.google.com
4	26b1d20dfe.0008d6ba2e.com	mastercard.ai 26b1d20dfe.0008d6ba2e.com
3	www.gstatic.com	www.google.com
3	accounts.google.com	2 redirects mastercard.ai
2	us-1.rwe-twe.com	ofaba.live us-1.rwe-twe.com
2	cdn.adx1.com
2	static.bookmsg.com
2	fp.metricswpsh.com	26b1d20dfe.0008d6ba2e.com
2	vdbaa.com	2 redirects
1	adtrace.online	26b1d20dfe.0008d6ba2e.com
1	ofaba.live	namel.net
1	eu.doctorpost.net	1 redirects
1	namel.net
1	fonts.googleapis.com	yx-tr-val.com
1	nereserv.com	26b1d20dfe.0008d6ba2e.com
1	a757fa57e7.5cb068fb21.com	26b1d20dfe.0008d6ba2e.com
1	js.capndr.com	26b1d20dfe.0008d6ba2e.com
1	js.wpadmngr.com	26b1d20dfe.0008d6ba2e.com
1	maxcdn.bootstrapcdn.com	mastercard.ai
1	mastercard.ai
40	22

This site contains links to these domains. Also see Links.

Domain
www.gdiz.eu.org

Subject Issuer	Validity	Valid
mastercard.ai R3	`2023-07-20` - `2023-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
yx-tr-val.com R3	`2023-06-15` - `2023-09-13`	3 months	crt.sh
26b1d20dfe.0008d6ba2e.com R3	`2023-07-17` - `2023-10-15`	3 months	crt.sh
js.wpadmngr.com R3	`2023-07-15` - `2023-10-13`	3 months	crt.sh
js.capndr.com R3	`2023-06-25` - `2023-09-23`	3 months	crt.sh
a757fa57e7.5cb068fb21.com R3	`2023-07-17` - `2023-10-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
notification.tubecup.net R3	`2023-07-14` - `2023-10-12`	3 months	crt.sh
589aa99d18.com R3	`2023-07-17` - `2023-10-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
namel.net R3	`2023-07-08` - `2023-10-06`	3 months	crt.sh
bookmsg.com R3	`2023-07-14` - `2023-10-12`	3 months	crt.sh
*.adx1.com R3	`2023-06-30` - `2023-09-28`	3 months	crt.sh
ofaba.live R3	`2023-07-13` - `2023-10-11`	3 months	crt.sh
adtrace.online GTS CA 1P5	`2023-07-02` - `2023-09-30`	3 months	crt.sh
us-1.rwe-twe.com R3	`2023-07-14` - `2023-10-12`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://mastercard.ai/
Frame ID: 65D4EC4783B322A262C22A5D57BC76D1
Requests: 16 HTTP requests in this frame

Frame: https://us-1.rwe-twe.com/?utm_term=7257827859274661896
Frame ID: 972C384209A572883BD36878F7FDDBB9
Requests: 13 HTTP requests in this frame

Frame: https://js.wpadmngr.com/static/storage.html
Frame ID: 5DBFAE6E3651010D5AFF4248475EDE87
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-&co=aHR0cHM6Ly95eC10ci12YWwuY29tOjQ0Mw..&hl=de&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=tc4fx9mdacjw
Frame ID: C02C2CCA6751B4981DF3C4B41450B3C2
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: DA5E77C01151D566FE9F1443DE69B5CE
Requests: 3 HTTP requests in this frame

Frame: https://adtrace.online/tag
Frame ID: 163BD7AF4FED7DF26540083593F0BA5A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Website Promotion (Y48 WW7 WJS)

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

40
Requests

95 %
HTTPS

40 %
IPv6

21
Domains

22
Subdomains

19
IPs

4
Countries

931 kB
Transfer

2163 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gdiz.eu.org/
Title: GDIZBlog

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://vdbaa.com/fullpage.php?section=General&pub=772124&ga=g HTTP 302
https://yx-tr-val.com/crs/index_v3.php?d=47636013&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NzcyMTI0JmdhPWcmcnI9YUhSMGNITTZMeTl0WVhOMFpYSmpZWEprTG1GcEx3PT0=

Request Chain 19

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeDOFXhF0nKL_ScVwk17P2_S9bBjwxbYlY9WyHHTO_PdP1I9ybzSnZWpeIWSV67DKWXjyFuvOi5Fmg HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S654664978%3A1689844730029098&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXjdgqdpTKpI0iab40HE-OlZ2H737jGcM4XKcyTmXM03oTBOe4eJV0Yho2oRmPUnEJJK84Xc&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain 28

https://yx-tr-val.com/crs/index_v3.php?d=47636013&f=popup&s=4&t=4&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NzcyMTI0JmdhPWcmcnI9YUhSMGNITTZMeTl0WVhOMFpYSmpZWEprTG1GcEx3PT0= HTTP 302
https://vdbaa.com/fullpage.php?section=General&pub=772124&ga=g&rr=aHR0cHM6Ly9tYXN0ZXJjYXJkLmFpLw==&dom_id=47636013&yXcrs=46 HTTP 302
https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XAdCAiGZjrrjZCiGkkjdCpCrGjNrdZNZxkNrijCrCZZZCCrixCrrACrCrGCxCixirrirriCCrxi_79813&adApiR=loaded_string_60766291cc87f01c733ce0d5ab0e85b1ceefa_2615678_1689844731.3495_91044&refferer=1028720021_aHR0cDovL21hc3RlcmNhcmQuYWk=&yxDom=dmRiYWEuY29t_9f0199818f55a7669128123a276be0b0

Request Chain 33

https://eu.doctorpost.net/nty/metrics/save.img?event=impressions&bid-id=v2-1689844730558-7-3674-1230852-e9500f2a-77b5-bf84-c78e-fe882e525083&img=https%3A%2F%2Fcdn.adx1.com%2F7417691689267565218792.jpeg&cpa=f570bd7b-0dbf-457d-a203-55fe3d6f9fef&format=default-slide-b_r-body HTTP 302
https://cdn.adx1.com/7417691689267565218792.jpeg

40 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mastercard.ai/ 15 KB
6 KB 393ms
119ms Document
text/html 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mastercard.ai/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: bd585d7c20fc4d9d4476639dbe037392fa02ea8e5fc3b001f6d9e964bfda2fdd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: max-age=600
content-encoding: gzip
content-length: 5575
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 09:18:49 GMT
etag: W/"64b8fbcd-3a9f"
expires: Thu, 20 Jul 2023 09:28:49 GMT
last-modified: Thu, 20 Jul 2023 09:18:05 GMT
server: GitHub.com
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-fastly-request-id: 65bc7cbd9c0c00b5497fe23ff9d08e02a14dbf79
x-github-request-id: FBB2:CEBC:12BC429:134C5F3:64B8FBF8
x-origin-cache: HIT
x-proxy-cache: MISS
x-served-by: cache-fra-eddf8230073-FRA
x-timer: S1689844729.275876,VS0,VE101

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 141 KB
22 KB 56ms
29ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Host: mastercard.ai
URL: https://mastercard.ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mastercard.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 09:18:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 756
age: 6876526
cdn-cachedat: 12/27/2021 13:09:17
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 88833c14bb1c0cf39c9fdd8fd8f440ab
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7e9a1e76fe378ff5-FRA
cdn-requestpullsuccess: True

GET
H2

200

index_v3.php Show response
yx-tr-val.com/crs/ Frame 972C
Redirect Chain

https://vdbaa.com/fullpage.php?section=General&pub=772124&ga=g
https://yx-tr-val.com/crs/index_v3.php?d=47636013&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NzcyMTI0JmdhPWcmcnI9YUhSMGNITTZMeTl0WVhOMFpYSmpZWEprTG1...

3 KB
3 KB

190ms
35ms

Document
text/html

185.66.200.221
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://yx-tr-val.com/crs/index_v3.php?d=47636013&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NzcyMTI0JmdhPWcmcnI9YUhSMGNITTZMeTl0WVhOMFpYSmpZWEprTG1GcEx3PT0=
Requested by: Host: mastercard.ai
URL: https://mastercard.ai/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.221.skhosting.eu
Software: nginx /
Resource Hash: 6813c713cd0992476875ccbe5ebc117bcca5b9f4b3e2073b1e56b125f55a6261

Request headers

Referer: https://mastercard.ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 09:18:49 GMT
server: nginx

Redirect headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 09:18:49 GMT
expires: Thu, 20 Jul 2023 09:18:49 GMT
last-modified: Thu, 20 Jul 2023 09:18:49 GMT
location: https://yx-tr-val.com/crs/index_v3.php?d=47636013&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NzcyMTI0JmdhPWcmcnI9YUhSMGNITTZMeTl0WVhOMFpYSmpZWEprTG1GcEx3PT0=
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 894e7ae75a0fbefb8ab89e1af0dc7286.js Show response
26b1d20dfe.0008d6ba2e.com/ 167 KB
58 KB 90ms
28ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://26b1d20dfe.0008d6ba2e.com/894e7ae75a0fbefb8ab89e1af0dc7286.js
Requested by: Host: mastercard.ai
URL: https://mastercard.ai/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: b3b9e5d75cf2e758f9a2a6673792bc4c8be3ab7d8af28a1976266bffd1ccb6d2

Request headers

Referer: https://mastercard.ai/
Origin: https://mastercard.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires: Thu, 20 Jul 2023 09:23:49 GMT
date: Thu, 20 Jul 2023 09:18:49 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 09:04:04 GMT
server: nginx/1.18.0
etag: W/"64b65584-29b9f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 storage.html Show response
js.wpadmngr.com/static/ Frame 5DBF 1 KB
825 B 85ms
24ms Document
text/html 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/storage.html
Requested by: Host: 26b1d20dfe.0008d6ba2e.com
URL: https://26b1d20dfe.0008d6ba2e.com/894e7ae75a0fbefb8ab89e1af0dc7286.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 01c71e162607df5b9dd58ec5460cc91139e53c43f52512648895c439bc5c9608

Request headers

Referer: https://mastercard.ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=300
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 09:18:49 GMT
etag: W/"64ae711b-5fd"
expires: Thu, 20 Jul 2023 09:23:49 GMT
last-modified: Wed, 12 Jul 2023 09:23:39 GMT
server: nginx/1.18.0
x-proxy-cache: HIT

GET
H2 200 65811 Show response
26b1d20dfe.0008d6ba2e.com/6b4e46a97ab26e41423d35c26a84c949/ 2 KB
2 KB 68ms
68ms XHR
application/json 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://26b1d20dfe.0008d6ba2e.com/6b4e46a97ab26e41423d35c26a84c949/65811?version_name=c
Requested by: Host: 26b1d20dfe.0008d6ba2e.com
URL: https://26b1d20dfe.0008d6ba2e.com/894e7ae75a0fbefb8ab89e1af0dc7286.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7cb5ee2bea931d1c90e90506698e25ea0010f60ed2ec97766840410e1315a554

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mastercard.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires: Thu, 20 Jul 2023 09:23:49 GMT
date: Thu, 20 Jul 2023 09:18:49 GMT
server: nginx/1.18.0
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
content-length: 1883
x-proxy-cache: MISS

GET
H2 200 advertising.js Show response
js.capndr.com/ 0
238 B 65ms
14ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.capndr.com/advertising.js
Requested by: Host: 26b1d20dfe.0008d6ba2e.com
URL: https://26b1d20dfe.0008d6ba2e.com/894e7ae75a0fbefb8ab89e1af0dc7286.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mastercard.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires: Thu, 20 Jul 2023 09:23:49 GMT
date: Thu, 20 Jul 2023 09:18:49 GMT
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
server: nginx/1.18.0
etag: "64b105fd-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 200 track Show response
a757fa57e7.5cb068fb21.com/in/ 0
207 B 124ms
70ms XHR
text/plain 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a757fa57e7.5cb068fb21.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIzNTcwOTQyNDY0MDkxMjU5MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuNjYuMCIsInRhZ19pZCI6NjU4MTEsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJFdGMvVW5rbm93biIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjEzLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJXZWJzaXRlJTJDUHJvbW90aW9uJTJDKFk0OCUyQ1dXNyUyQ1dKUyklMkNHRElaQmxvZyUyQyUyM1k0OCUyQyUyM1dXNyUyQyUyM1dKUyUyQ2hvdy10byUyQ2d1aWRlcyUyQ2V4cGVydCUyQ3RpcHMlMkNkaXklMkN0dXRvcmlhbHMlMkNoZWxwZnVsJTJDaGludHMlMkN1c2VmdWwlMkNpbmZvcm1hdGlvbiUyQ2J1Z2JvdW50eXRpcHMlMkNmaW5hbmNpYWwlMkNhZHZpY2UlMkN0dXRvcmlhbHMlMkNmcmVlJTJDY291cnNlJTJDdGlwcyUyQ2FuZCUyQ3RyaWNrcyUyQ2luZm9ybWF0aXZlJTJDYXJ0aWNsZXMlMkNTaGFyZSUyQ1R1dG9yaWFsJTJDSW5mb3JtYXRpb24lMkNCdWclMkNCb3VudHklMkNUaXBzJTJDRmluYW5jaWFsJTJDQWR2aWNlJTJDVGlwcyUyQ2FuZCUyQ1RyaWNrJTJDZXRjLiJ9
Requested by: Host: 26b1d20dfe.0008d6ba2e.com
URL: https://26b1d20dfe.0008d6ba2e.com/894e7ae75a0fbefb8ab89e1af0dc7286.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mastercard.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 09:18:49 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 65089df8033bccfbdb7d103f87d24a86.js Show response
26b1d20dfe.0008d6ba2e.com/ 42 KB
14 KB 43ms
15ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://26b1d20dfe.0008d6ba2e.com/65089df8033bccfbdb7d103f87d24a86.js
Requested by: Host: 26b1d20dfe.0008d6ba2e.com
URL: https://26b1d20dfe.0008d6ba2e.com/894e7ae75a0fbefb8ab89e1af0dc7286.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 5468c890ef602977130a0f59d15243417fdb9b8d70da59ebc72be7e044b63d14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mastercard.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires: Thu, 20 Jul 2023 09:23:49 GMT
date: Thu, 20 Jul 2023 09:18:49 GMT
content-encoding: gzip
last-modified: Mon, 26 Jun 2023 11:18:31 GMT
server: nginx/1.18.0
etag: W/"64997407-a786"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 1dc69cb398d9da955fc6602c1c23b074.js Show response
26b1d20dfe.0008d6ba2e.com/ 502 KB
124 KB 65ms
36ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://26b1d20dfe.0008d6ba2e.com/1dc69cb398d9da955fc6602c1c23b074.js
Requested by: Host: 26b1d20dfe.0008d6ba2e.com
URL: https://26b1d20dfe.0008d6ba2e.com/894e7ae75a0fbefb8ab89e1af0dc7286.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: dea50e3de98720a9e3d390a4783a4dcad4dfdb2471717debe7e9445de1a3c005

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mastercard.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires: Thu, 20 Jul 2023 09:23:49 GMT
date: Thu, 20 Jul 2023 09:18:49 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 13:43:23 GMT
server: nginx/1.18.0
etag: W/"64b696fb-7d723"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 bootstrap.min.css
yx-tr-val.com/crs/css/ Frame 972C 118 KB
119 KB 29ms
28ms Stylesheet
text/css 185.66.200.221
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://yx-tr-val.com/crs/css/bootstrap.min.css
Requested by: Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/index_v3.php?d=47636013&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NzcyMTI0JmdhPWcmcnI9YUhSMGNITTZMeTl0WVhOMFpYSmpZWEprTG1GcEx3PT0=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.221.skhosting.eu
Software: nginx /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yx-tr-val.com/crs/index_v3.php?d=47636013&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NzcyMTI0JmdhPWcmcnI9YUhSMGNITTZMeTl0WVhOMFpYSmpZWEprTG1GcEx3PT0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 09:18:49 GMT
last-modified: Fri, 13 Apr 2018 15:24:45 GMT
server: nginx
accept-ranges: bytes
etag: "5ad0cbbd-1d970"
content-length: 121200
content-type: text/css

GET
H2 200 main.css
yx-tr-val.com/crs/css/ Frame 972C 2 KB
2 KB 81ms
80ms Stylesheet
text/css 185.66.200.221
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://yx-tr-val.com/crs/css/main.css?v2
Requested by: Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/index_v3.php?d=47636013&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NzcyMTI0JmdhPWcmcnI9YUhSMGNITTZMeTl0WVhOMFpYSmpZWEprTG1GcEx3PT0=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.221.skhosting.eu
Software: nginx /
Resource Hash: 2347125f250e16855d8229f8e941cc376dfe7a9d5caddc3206d20952b1f46c48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yx-tr-val.com/crs/index_v3.php?d=47636013&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NzcyMTI0JmdhPWcmcnI9YUhSMGNITTZMeTl0WVhOMFpYSmpZWEprTG1GcEx3PT0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 09:18:49 GMT
last-modified: Mon, 30 Apr 2018 06:33:38 GMT
server: nginx
accept-ranges: bytes
etag: "5ae6b8c2-96e"
content-length: 2414
content-type: text/css

GET
H2 200 loading.gif
yx-tr-val.com/crs/img/ Frame 972C 4 KB
4 KB 79ms
78ms Image
image/gif 185.66.200.221
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yx-tr-val.com/crs/img/loading.gif
Requested by: Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/index_v3.php?d=47636013&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NzcyMTI0JmdhPWcmcnI9YUhSMGNITTZMeTl0WVhOMFpYSmpZWEprTG1GcEx3PT0=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.221.skhosting.eu
Software: nginx /
Resource Hash: acccc31dbf746699a0d02ae545cf89a194d7158732cb5a88f4a514e04ea3fc1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yx-tr-val.com/crs/index_v3.php?d=47636013&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NzcyMTI0JmdhPWcmcnI9YUhSMGNITTZMeTl0WVhOMFpYSmpZWEprTG1GcEx3PT0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 09:18:49 GMT
last-modified: Sat, 23 Nov 2019 00:21:28 GMT
server: nginx
accept-ranges: bytes
etag: "5dd87b88-f6f"
content-length: 3951
content-type: image/gif

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 972C 884 B
908 B 69ms
31ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-

Requested by

Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/index_v3.php?d=47636013&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NzcyMTI0JmdhPWcmcnI9YUhSMGNITTZMeTl0WVhOMFpYSmpZWEprTG1GcEx3PT0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

635226bb84303d089873f540e6f0a38abea26d6466329452766dc965adb98a27

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yx-tr-val.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 09:18:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 588
x-xss-protection: 1; mode=block
expires: Thu, 20 Jul 2023 09:18:49 GMT

GET
H2 200 logo.png
yx-tr-val.com/crs/img/ Frame 972C 6 KB
6 KB 79ms
78ms Image
image/png 185.66.200.221
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yx-tr-val.com/crs/img/logo.png
Requested by: Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/index_v3.php?d=47636013&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NzcyMTI0JmdhPWcmcnI9YUhSMGNITTZMeTl0WVhOMFpYSmpZWEprTG1GcEx3PT0=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.221.skhosting.eu
Software: nginx /
Resource Hash: 8b0c746b1dfbfd8429d32fcb994fb2223fb4724a5942e255bb4a4e96351579ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yx-tr-val.com/crs/index_v3.php?d=47636013&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NzcyMTI0JmdhPWcmcnI9YUhSMGNITTZMeTl0WVhOMFpYSmpZWEprTG1GcEx3PT0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 09:18:49 GMT
last-modified: Fri, 13 Apr 2018 15:24:51 GMT
server: nginx
accept-ranges: bytes
etag: "5ad0cbc3-188b"
content-length: 6283
content-type: image/png

GET
H2 200 main.js Show response
yx-tr-val.com/crs/js/ Frame 972C 255 B
384 B 79ms
77ms Script
application/javascript 185.66.200.221
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://yx-tr-val.com/crs/js/main.js
Requested by: Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/index_v3.php?d=47636013&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NzcyMTI0JmdhPWcmcnI9YUhSMGNITTZMeTl0WVhOMFpYSmpZWEprTG1GcEx3PT0=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.221.skhosting.eu
Software: nginx /
Resource Hash: c91d7242589722eec07910a5a5fe2b8855c57100fbfbdc93d6604823a9402458

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yx-tr-val.com/crs/index_v3.php?d=47636013&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NzcyMTI0JmdhPWcmcnI9YUhSMGNITTZMeTl0WVhOMFpYSmpZWEprTG1GcEx3PT0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 09:18:49 GMT
last-modified: Fri, 13 Apr 2018 15:24:54 GMT
server: nginx
accept-ranges: bytes
etag: "5ad0cbc6-ff"
content-length: 255
content-type: application/javascript

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 27 B
401 B 105ms
69ms XHR
application/json 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=65811
Requested by: Host: 26b1d20dfe.0008d6ba2e.com
URL: https://26b1d20dfe.0008d6ba2e.com/894e7ae75a0fbefb8ab89e1af0dc7286.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 9ddb56f1bb8c88b1dd421c29f43b684be7b89c0cf056e0b61e2f2719e93e7aa3

Request headers

Referer: https://mastercard.ai/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Thu, 20 Jul 2023 09:18:49 GMT
Server: nginx/1.20.1
Vary: Origin
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://mastercard.ai
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 27

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 57ms
17ms Preflight 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=65811
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mastercard.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://mastercard.ai
Connection: keep-alive
Date: Thu, 20 Jul 2023 09:18:49 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 dip Show response
nereserv.com/in/ 0
201 B 54ms
18ms XHR
text/plain 94.130.198.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=1&event_id=9b96ec74-8215-4573-926d-402cff414280&subid=1375110137&sid=2649338436&spot_id=293536&created_at=2023-07-20&timezone=0&ver=8.77.0&is_native=1
Requested by: Host: 26b1d20dfe.0008d6ba2e.com
URL: https://26b1d20dfe.0008d6ba2e.com/1dc69cb398d9da955fc6602c1c23b074.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.198.6 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.6.198.130.94.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mastercard.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 09:18:49 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 200 multy Show response
49b2837491.589aa99d18.com/in/ 21 KB
21 KB 1297ms
1297ms XHR
application/json 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://49b2837491.589aa99d18.com/in/multy
Requested by: Host: 26b1d20dfe.0008d6ba2e.com
URL: https://26b1d20dfe.0008d6ba2e.com/1dc69cb398d9da955fc6602c1c23b074.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 8cb0fd13083256783357c2abef1fb3cb395a73760bb7c372bcb8e3b195162797

Request headers

Referer: https://mastercard.ai/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 09:18:51 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 20997

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeDOFXhF0nKL_ScVwk17P2_S9bBjwxbYlY9WyHHTO_PdP1I9ybzSnZWpeIWSV...
https://accounts.google.com/v3/signin/identifier?dsh=S654664978%3A1689844730029098&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXjdgqdpTKpI0iab40HE-OlZ2H737jGcM4XKcyTmXM03oTBO...

0
0

41ms
41ms

Image
text/html

2a00:1450:4001:810::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S654664978%3A1689844730029098&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXjdgqdpTKpI0iab40HE-OlZ2H737jGcM4XKcyTmXM03oTBOe4eJV0Yho2oRmPUnEJJK84Xc&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: mastercard.ai
URL: https://mastercard.ai/
Protocol: H3
Server: 2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Redirect headers

date: Thu, 20 Jul 2023 09:18:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-TwKYiImiPsOl2DFelipdIg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 389
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S654664978%3A1689844730029098&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXjdgqdpTKpI0iab40HE-OlZ2H737jGcM4XKcyTmXM03oTBOe4eJV0Yho2oRmPUnEJJK84Xc&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 multy
49b2837491.589aa99d18.com/in/ Frame 0
0 68ms
14ms Preflight 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://49b2837491.589aa99d18.com/in/multy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mastercard.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
date: Thu, 20 Jul 2023 09:18:49 GMT
pragma: no-cache
server: nginx/1.20.1
vary: Origin

GET
H2 200 css
fonts.googleapis.com/ Frame 972C 7 KB
1 KB 61ms
24ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,600,700,800

Requested by

Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/css/main.css?v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb0be6c6e7ba1807e4b3583c59955985c6758654730e7072730932e796b72d41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yx-tr-val.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Jul 2023 09:18:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 09:18:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jul 2023 09:18:49 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/ Frame 972C 431 KB
174 KB 64ms
26ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4492635edd6b1b7c576b8a4b4c51e9843dd8b06ab34f4959d33dea5500e48385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yx-tr-val.com/
Origin: https://yx-tr-val.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 13:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177687
x-xss-protection: 0
last-modified: Sun, 09 Jul 2023 08:00:56 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jul 2024 13:35:49 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame C02C 50 KB
28 KB 37ms
36ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-&co=aHR0cHM6Ly95eC10ci12YWwuY29tOjQ0Mw..&hl=de&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=tc4fx9mdacjw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

16b7516de0467267a4d62a49a8391804132776eaa1244890df09154d440ee483

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d-j-4fXU3yyCbS7oV-zpxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yx-tr-val.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28028
content-security-policy: script-src 'report-sample' 'nonce-d-j-4fXU3yyCbS7oV-zpxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 09:18:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/ Frame C02C 55 KB
24 KB 59ms
14ms Stylesheet
text/css 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-&co=aHR0cHM6Ly95eC10ci12YWwuY29tOjQ0Mw..&hl=de&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=tc4fx9mdacjw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 09:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 09 Jul 2023 08:00:56 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jul 2024 09:00:33 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/ Frame C02C 431 KB
174 KB 69ms
24ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4492635edd6b1b7c576b8a4b4c51e9843dd8b06ab34f4959d33dea5500e48385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 13:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177687
x-xss-protection: 0
last-modified: Sun, 09 Jul 2023 08:00:56 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jul 2024 13:35:49 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame C02C 102 B
134 B 29ms
29ms Other
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=iZWPJyR27lB0cR4hL_xOX0GC

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7f827f28ee4ea717504786f0298c6c576e83038b5a9fd327ca38b58cb8ed2550

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-&co=aHR0cHM6Ly95eC10ci12YWwuY29tOjQ0Mw..&hl=de&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=tc4fx9mdacjw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 09:18:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 20 Jul 2023 09:18:50 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame C02C 33 KB
19 KB 50ms
49ms XHR
application/json 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

39d08888f1f627756f294564f32a78a8aa8a8efcdde643c0d5b3fd564d9e3bf0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-&co=aHR0cHM6Ly95eC10ci12YWwuY29tOjQ0Mw..&hl=de&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=tc4fx9mdacjw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 20 Jul 2023 09:18:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19173
x-xss-protection: 1; mode=block
expires: Thu, 20 Jul 2023 09:18:50 GMT

GET
H2

200

/ Show response
namel.net/d0d63e31e7/070a954047/ Frame 972C
Redirect Chain

https://yx-tr-val.com/crs/index_v3.php?d=47636013&f=popup&s=4&t=4&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NzcyMTI0JmdhPWcmcnI9YUhSMGNITTZMeTl0WVhOMFpYSmpZWEprTG1GcEx3PT0=
https://vdbaa.com/fullpage.php?section=General&pub=772124&ga=g&rr=aHR0cHM6Ly9tYXN0ZXJjYXJkLmFpLw==&dom_id=47636013&yXcrs=46
https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XAdCAiGZjrrjZCiGkkjdCpCrGjNrdZNZxkNrijCrCZZZCCrixCrrACrCrGCxCixirrirriCCrxi_79813&adApiR=loaded_string_60766291cc87f01c733ce...

692 B
686 B

173ms
37ms

Document
text/html

185.66.201.58
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XAdCAiGZjrrjZCiGkkjdCpCrGjNrdZNZxkNrijCrCZZZCCrixCrrACrCrGCxCixirrirriCCrxi_79813&adApiR=loaded_string_60766291cc87f01c733ce0d5ab0e85b1ceefa_2615678_1689844731.3495_91044&refferer=1028720021_aHR0cDovL21hc3RlcmNhcmQuYWk=&yxDom=dmRiYWEuY29t_9f0199818f55a7669128123a276be0b0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.201.58 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.58.skhosting.eu
Software: nginx /
Resource Hash: 55aef47cdb4d66e34d8054aa2ea8aea81984e05ffd7a7e756b40e84d3b122ce0

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://yx-tr-val.com
Referer: https://yx-tr-val.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 09:18:51 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex,nofollow

Redirect headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 09:18:51 GMT
expires: Thu, 20 Jul 2023 09:18:51 GMT
last-modified: Thu, 20 Jul 2023 09:18:51 GMT
location: https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XAdCAiGZjrrjZCiGkkjdCpCrGjNrdZNZxkNrijCrCZZZCCrixCrrACrCrGCxCixirrirriCCrxi_79813&adApiR=loaded_string_60766291cc87f01c733ce0d5ab0e85b1ceefa_2615678_1689844731.3495_91044&refferer=1028720021_aHR0cDovL21hc3RlcmNhcmQuYWk=&yxDom=dmRiYWEuY29t_9f0199818f55a7669128123a276be0b0
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ 790 B
948 B 79ms
9ms Image
image/webp 88.198.200.20
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?mlf=1&cpa=94357cad-01e4-4882-8b5a-9ea2adc327de&mlc=1&format=default-slide-b_r-body
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.200.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-200-20.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mastercard.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 09:18:51 GMT
last-modified: Tue, 24 Nov 2020 14:20:43 GMT
server: nginx/1.18.0
etag: "5fbd16bb-316"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 790

GET
H2 200 IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ 790 B
947 B 79ms
11ms Image
image/webp 88.198.200.20
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.200.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-200-20.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mastercard.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 09:18:51 GMT
last-modified: Tue, 24 Nov 2020 14:20:43 GMT
server: nginx/1.18.0
etag: "5fbd16bb-316"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 790

GET
H2 200 /
49b2837491.589aa99d18.com/in/show/ 0
201 B 42ms
14ms Image
text/plain 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://49b2837491.589aa99d18.com/in/show/?mid=4477447824869749546&pid=0&site=native-push-adult&sc=DE&usage_type=DCH&subid=1375110137&sid=2649338436&cid=2766&price=0.0012044468915462494&is_cpm=0&cpm=0&ecpm=0.08227736470724574&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&tcid=0&out_id=1&ver=8.77.0&ver_c=&refdom=mastercard.ai&hostname=auc-inpage-hz-5-a&site_id=31293536&spot_id=293536&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1689931129&created_at=2023-07-20&is_native=2&auction_queue=&burl=oHFLkQO53SXcKZGK6boaX0DKEo6I5xHGI4Jx859xJgVdYGhEyn1mqQ&pop_winurl=&ip=178.162.209.138&testab=0&px_id=31293536&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.012256863295926549&placement_type_id=0&skin_test=0&verify_hash=bfed7a414d22d1f7e565fff4423c3f7b&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1375110137%26spot_id%3D293536%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fmastercard.ai%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=c&original_bid=0&user_fp=15780766682644898978&v2=0&v2_track=0&is_pop_cpc=0&applied_features=prod,main-skins-settings&url=u4Uhg1WgU9m9GBn2GQIiYI8Ak_7Z1h8tmOTTiNd5_LVOKHWIxmC5uTDd1wiKoWRFJFQs-eWsy2Z73WC6EALnbauXWtzYmrHdCpEk1wzbNuL7ZAAXmsI0wKGManZ3ygJX6WhTYxqxNrWiaTqPJ6suWpjZ4lM5nqEUNnpK0jSNHidN3RHNWQ&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=2&vertical_id=0&real_bid=0.0011391658777204006&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&keywords=&label_ids=108,0,4,89&conditions=dch_ip,tz_offset&need_redirect_show=0&page=https%3A%2F%2Fmastercard.ai%2F&auction_time=1689844729&show_count=1&from_cache=0&original_bid_usd=0&mlf=1&cpa=44a011bd-3df7-4586-a766-d89e424e79ee&mlc=1&format=default-slide-b_r-body
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mastercard.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 09:18:51 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
DATA 200
OK truncated
/ Frame DA5E 483 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

7417691689267565218792.jpeg
cdn.adx1.com/ Frame DA5E
Redirect Chain

https://eu.doctorpost.net/nty/metrics/save.img?event=impressions&bid-id=v2-1689844730558-7-3674-1230852-e9500f2a-77b5-bf84-c78e-fe882e525083&img=https%3A%2F%2Fcdn.adx1.com%2F7417691689267565218792....
https://cdn.adx1.com/7417691689267565218792.jpeg

25 KB
26 KB

32ms
28ms

Image
image/jpeg

5.200.15.239
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adx1.com/7417691689267565218792.jpeg
Protocol: H2
Server: 5.200.15.239 Rotterdam, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: 717f2fbde8e71e4815245fa8a9fd5859a45d060f18d69749d0ef3c5239a0f26c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 09:18:51 GMT
last-modified: Thu, 13 Jul 2023 16:59:25 GMT
server: openresty/1.21.4.1
etag: "64b02d6d-6550"
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 25936
expires: Thu, 27 Jul 2023 17:00:48 GMT

Redirect headers

location: https://cdn.adx1.com/7417691689267565218792.jpeg
date: Thu, 20 Jul 2023 09:18:51 GMT
server: openresty/1.21.4.1
content-length: 0

GET
H2 200 /
49b2837491.589aa99d18.com/in/show/ 0
200 B 22ms
15ms Image
text/plain 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://49b2837491.589aa99d18.com/in/show/?mid=4477447824869749546&pid=0&site=native-push-adult&sc=DE&usage_type=DCH&subid=1375110137&sid=2649338436&cid=13261&price=0.0081972&is_cpm=0&cpm=0&ecpm=0.014123026672682499&crid=&crtid=a05b06d99e4e6b0aa803b6687b87940c&tcid=0&out_id=0&ver=8.77.0&ver_c=&refdom=mastercard.ai&hostname=auc-inpage-hz-5-a&site_id=31293536&spot_id=293536&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1689916729&created_at=2023-07-20&is_native=1&auction_queue=&burl=FAwNP8VE8kGJw5xL6e246i3hOyLWsY64Mkb5CqxoUbTNEtRgoRvvJQ&pop_winurl=&ip=178.162.209.138&testab=0&px_id=73293536&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=35bc0fd94fcfd773738f412a735d9de7dabab8d6dfff0f937ccbc02173fa8373&exp=1440&resp_type=&iabcat=IAB25-3&min_cpm=0.00043444333097585947&placement_type_id=0&skin_test=0&verify_hash=5a303dcb05353c324751162166da19b4&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1375110137%26spot_id%3D293536%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fmastercard.ai%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=c&original_bid=0.0081972&user_fp=15780766682644898978&v2=0&v2_track=0&is_pop_cpc=0&applied_features=prod,main-skins-settings&url=QJxydDcT3B5vtkmQW-9hOvncoDl7MGW4FgWNb4VY6tQPkq4f4jPu0hW0TZxOwygwp8CMykhmPvg2Qtgf5Z7dASbxanDrBeqr18c1oKR4xA0bh5AoGhdKBCP5LO9OWWQl7p8van4UguDcJzyKR-FfnrUehWCEmO6SVd7rHnpHLRiiBSQ1PxLITjygoWbZzpJT-aAmO7m6o-szhEjGuVihJ2bLtghNujfjPr_RoIVYeYdGyRML606_krLZ5neucM5NR0EGukoSMM6yjrZpIyW-hez27NlyYowKO6KtlwRBnhTzug8fSLxcKdT8N336RnSHcw&image_url=https%3A%2F%2Fcdn.adx1.com%2F741769168926756519360.jpeg&skin_id=2&vertical_id=0&real_bid=0.005516715420198434&pr=&user_keywords=&auc_type=1&aid=3251&ext_cid=0&device_theme=light&keywords=&label_ids=4,90,98,108,0&conditions=dch_ip,tz_offset&need_redirect_show=0&page=https%3A%2F%2Fmastercard.ai%2F&auction_time=1689844729&show_count=1&from_cache=0&original_bid_usd=0.0081972&cpa=2565db3d-219c-4c59-ac38-a939ed7f484b&format=default-slide-b_r-body
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mastercard.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 09:18:51 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 741769168926756519360.jpeg
cdn.adx1.com/ Frame DA5E 95 KB
95 KB 101ms
42ms Image
image/jpeg 5.200.15.239
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adx1.com/741769168926756519360.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.200.15.239 Rotterdam, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: a5dc2ed6a9a37b7c0ce09219cb6a52e494233412e46e11edbc4b03cd596c775d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 09:18:51 GMT
last-modified: Thu, 13 Jul 2023 16:59:25 GMT
server: openresty/1.21.4.1
etag: "64b02d6d-17ccb"
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 97483
expires: Thu, 27 Jul 2023 17:01:29 GMT

GET
H2 200 go.php Show response
ofaba.live/ Frame 972C 641 B
314 B 152ms
26ms Document
text/html 185.66.201.7
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://ofaba.live/go.php?go=https%3A%2F%2Fus-1.rwe-twe.com%2F%3Futm_medium%3D02ceea2b5bfb5387f47e005c2c1502a9fbfd19b5%26utm_campaign%3DMS-SL-NA%26cid%3D90affC1689844731aff658c04f116699a589a880%261%3D29705698&do=9550bac61a5cd333cad731a7b7f53bfb
Requested by: Host: namel.net
URL: https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XAdCAiGZjrrjZCiGkkjdCpCrGjNrdZNZxkNrijCrCZZZCCrixCrrACrCrGCxCixirrirriCCrxi_79813&adApiR=loaded_string_60766291cc87f01c733ce0d5ab0e85b1ceefa_2615678_1689844731.3495_91044&refferer=1028720021_aHR0cDovL21hc3RlcmNhcmQuYWk=&yxDom=dmRiYWEuY29t_9f0199818f55a7669128123a276be0b0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.201.7 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.7.skhosting.eu
Software: nginx /
Resource Hash: 67d1126f9af61789848b46fc761c91f2013716190bf36bb2bba3bebb0e1a012a

Request headers

Referer: https://namel.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 09:18:51 GMT
server: nginx

GET
H2 200 tag Show response
adtrace.online/ Frame 163B 1 B
467 B 65ms
38ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrace.online/tag
Requested by: Host: 26b1d20dfe.0008d6ba2e.com
URL: https://26b1d20dfe.0008d6ba2e.com/894e7ae75a0fbefb8ab89e1af0dc7286.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://mastercard.ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e9a1e859b299128-FRA
content-encoding: br
content-type: text/html
date: Thu, 20 Jul 2023 09:18:51 GMT
last-modified: Thu, 06 Jul 2023 06:32:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BziFfZ3f7b6BGFxfnlF6rJy3HqPaiBCUd%2FUfDIpXOVnqJiDzC%2BJkJVLXKP5LOYKb4dx%2FUEBbhmGDRFSzTAR%2FdrMlhiFIRbrnDQXSz6sg632ymfvi20sixpR7ANPWyNX%2By4JO7ldkdTGQShEEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 / Show response
us-1.rwe-twe.com/ Frame 972C 1 KB
926 B 339ms
110ms Document
text/html 65.60.9.235
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://us-1.rwe-twe.com/?utm_medium=02ceea2b5bfb5387f47e005c2c1502a9fbfd19b5&utm_campaign=MS-SL-NA&cid=90affC1689844731aff658c04f116699a589a880&1=29705698
Requested by: Host: ofaba.live
URL: https://ofaba.live/go.php?go=https%3A%2F%2Fus-1.rwe-twe.com%2F%3Futm_medium%3D02ceea2b5bfb5387f47e005c2c1502a9fbfd19b5%26utm_campaign%3DMS-SL-NA%26cid%3D90affC1689844731aff658c04f116699a589a880%261%3D29705698&do=9550bac61a5cd333cad731a7b7f53bfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.60.9.235 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.2.0
Resource Hash: 6e7d700caf67e4fb02f50e10a0043a5efce4bf48b0012ae586197f00323c1acd

Request headers

Referer: https://ofaba.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 09:18:52 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://us-1.rwe-twe.com/?utm_term=7257827859274661896
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H2 200 / Show response
us-1.rwe-twe.com/ Frame 972C 6 KB
2 KB 111ms
111ms Document
text/html 65.60.9.235
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://us-1.rwe-twe.com/?utm_term=7257827859274661896
Requested by: Host: us-1.rwe-twe.com
URL: https://us-1.rwe-twe.com/?utm_medium=02ceea2b5bfb5387f47e005c2c1502a9fbfd19b5&utm_campaign=MS-SL-NA&cid=90affC1689844731aff658c04f116699a589a880&1=29705698
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.60.9.235 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.2.0
Resource Hash: e20f3e83e21cf6d3233a9f12826e0baa58eef0ea2a5c6fc2751300e9ecefdb72

Request headers

Referer: https://us-1.rwe-twe.com/?utm_medium=02ceea2b5bfb5387f47e005c2c1502a9fbfd19b5&utm_campaign=MS-SL-NA&cid=90affC1689844731aff658c04f116699a589a880&1=29705698
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 09:18:52 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
namel.net/d0d63e31e7/070a954047	1970-01-20 13:25:11	Name: total_impressions Value: 1
www.google.com/recaptcha	1970-01-20 17:43:16	Name: _GRECAPTCHA Value: 09AAe1jK-JCrnlnaM2kFi4tU07nHqLzBcy-TyfhHMLkmSrgwEGoTXHboFisxaEu2iTW7d_fOvMLzPs-DOA23DaL3c
fp.metricswpsh.com/	1970-01-20 22:09:40	Name: id Value: 14787869532609223003
.vdbaa.com/	1970-01-20 13:25:12	Name: used_ad2615678 Value: 1
.vdbaa.com/	1970-01-20 13:25:12	Name: total_impressions Value: 1
.vdbaa.com/	1970-01-20 14:07:16	Name: cpa_673873 Value: popup_537281182_4
namel.net/	1970-01-20 13:25:11	Name: used_ad2615678 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S654664978%3A1689844730029098&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXjdgqdpTKpI0iab40HE-OlZ2H737jGcM4XKcyTmXM03oTBOe4eJV0Yho2oRmPUnEJJK84Xc&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

26b1d20dfe.0008d6ba2e.com
49b2837491.589aa99d18.com
a757fa57e7.5cb068fb21.com
accounts.google.com
adtrace.online
cdn.adx1.com
eu.doctorpost.net
fonts.googleapis.com
fp.metricswpsh.com
js.capndr.com
js.wpadmngr.com
mastercard.ai
maxcdn.bootstrapcdn.com
namel.net
nereserv.com
ofaba.live
static.bookmsg.com
us-1.rwe-twe.com
vdbaa.com
www.google.com
www.gstatic.com
yx-tr-val.com
157.90.84.242
185.199.109.153
185.66.200.220
185.66.200.221
185.66.201.58
185.66.201.7
2606:4700::6812:bcf
2a00:1450:4001:803::2003
2a00:1450:4001:810::200d
2a00:1450:4001:813::200a
2a00:1450:4001:82a::2004
2a00:1630:771::12
2a01:4f8:252:561a::2
2a06:98c1:3121::3
45.133.44.52
45.133.44.53
5.200.15.239
65.60.9.235
88.198.200.20
94.130.198.6
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01c71e162607df5b9dd58ec5460cc91139e53c43f52512648895c439bc5c9608
16b7516de0467267a4d62a49a8391804132776eaa1244890df09154d440ee483
2347125f250e16855d8229f8e941cc376dfe7a9d5caddc3206d20952b1f46c48
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
39d08888f1f627756f294564f32a78a8aa8a8efcdde643c0d5b3fd564d9e3bf0
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0
4492635edd6b1b7c576b8a4b4c51e9843dd8b06ab34f4959d33dea5500e48385
5468c890ef602977130a0f59d15243417fdb9b8d70da59ebc72be7e044b63d14
55aef47cdb4d66e34d8054aa2ea8aea81984e05ffd7a7e756b40e84d3b122ce0
635226bb84303d089873f540e6f0a38abea26d6466329452766dc965adb98a27
67d1126f9af61789848b46fc761c91f2013716190bf36bb2bba3bebb0e1a012a
6813c713cd0992476875ccbe5ebc117bcca5b9f4b3e2073b1e56b125f55a6261
6e7d700caf67e4fb02f50e10a0043a5efce4bf48b0012ae586197f00323c1acd
717f2fbde8e71e4815245fa8a9fd5859a45d060f18d69749d0ef3c5239a0f26c
7cb5ee2bea931d1c90e90506698e25ea0010f60ed2ec97766840410e1315a554
7f827f28ee4ea717504786f0298c6c576e83038b5a9fd327ca38b58cb8ed2550
8b0c746b1dfbfd8429d32fcb994fb2223fb4724a5942e255bb4a4e96351579ef
8cb0fd13083256783357c2abef1fb3cb395a73760bb7c372bcb8e3b195162797
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9ddb56f1bb8c88b1dd421c29f43b684be7b89c0cf056e0b61e2f2719e93e7aa3
a5dc2ed6a9a37b7c0ce09219cb6a52e494233412e46e11edbc4b03cd596c775d
acccc31dbf746699a0d02ae545cf89a194d7158732cb5a88f4a514e04ea3fc1d
b3b9e5d75cf2e758f9a2a6673792bc4c8be3ab7d8af28a1976266bffd1ccb6d2
bd585d7c20fc4d9d4476639dbe037392fa02ea8e5fc3b001f6d9e964bfda2fdd
c91d7242589722eec07910a5a5fe2b8855c57100fbfbdc93d6604823a9402458
dea50e3de98720a9e3d390a4783a4dcad4dfdb2471717debe7e9445de1a3c005
e20f3e83e21cf6d3233a9f12826e0baa58eef0ea2a5c6fc2751300e9ecefdb72
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18
eb0be6c6e7ba1807e4b3583c59955985c6758654730e7072730932e796b72d41
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

mastercard.ai Open in urlscan Pro 185.199.109.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

40 Requests

95 %HTTPS

40 %IPv6

21 Domains

22 Subdomains

19 IPs

4 Countries

931 kBTransfer

2163 kBSize

7 Cookies

1 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mastercard.ai Open in urlscan Pro
185.199.109.153 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

95 %
HTTPS

40 %
IPv6

21
Domains

22
Subdomains

19
IPs

4
Countries

931 kB
Transfer

2163 kB
Size

7
Cookies

40 HTTP transactions
1 data transactions