wirecard-nacitiprepaid.tk Open in urlscan Pro
2606:4700:30::681c:1c04  Malicious Activity! Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response wirecard-nacitiprepaid.tk/	37 KB 8 KB	391ms 357ms	Document text/html	2606:4700:30::681c:1c04 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://wirecard-nacitiprepaid.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:1c04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash f863a0d73c63df241e4a304e07948b2686bed793c724076c4fe158f7bf44e65b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority wirecard-nacitiprepaid.tk :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 200 date Wed, 17 Apr 2019 18:44:35 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d648c8c4c315cc33d1b6d49c9c10404501555526675; expires=Thu, 16-Apr-20 18:44:35 GMT; path=/; domain=.wirecard-nacitiprepaid.tk; HttpOnly x-xss-protection 1; mode=block x-content-type-options nosniff x-request-id 073e75ef80cf3f433a7d4fed0b9e5e8d expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 4c908d194ff496d6-FRA content-encoding br
GET H/1.1	200 OK	jquery-new.js Show response login.wirecard.com/xContent/content/op/j/	85 KB 30 KB	798ms 295ms	Script application/javascript	204.141.49.30 NTT America
General Check archive.org Show headers Download Go to Full URL https://login.wirecard.com/xContent/content/op/j/jquery-new.js Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 17 Apr 2019 18:44:35 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Mon, 22 May 2017 08:17:42 GMT Server Microsoft-IIS/8.5 ETag "01713e2d3d2d21:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Accept-Ranges bytes Vary Accept-Encoding Content-Length 30217
GET H/1.1	200 OK	sw.css login.wirecard.com/xContent/content/op/c/	40 KB 9 KB	631ms 157ms	Stylesheet text/css	204.141.49.30 NTT America
General Check archive.org Show headers Download Go to Full URL https://login.wirecard.com/xContent/content/op/c/sw.css Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 2370732a156a968661f91dfba46adc245ea58cfdc93bc05c45a0e196872cb3b3 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 17 Apr 2019 18:44:35 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Wed, 25 Apr 2018 15:35:58 GMT Server Microsoft-IIS/8.5 ETag "0c3551babdcd31:0" X-Frame-Options SAMEORIGIN Content-Type text/css Accept-Ranges bytes Vary Accept-Encoding Content-Length 9000
GET H/1.1	200 OK	partner.css login.wirecard.com/xContent/content/op/c/	6 KB 2 KB	771ms 278ms	Stylesheet text/css	204.141.49.30 NTT America
General Check archive.org Show headers Download Go to Full URL https://login.wirecard.com/xContent/content/op/c/partner.css Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 69f5a1490b99d6b6ad09b80da45e4f5d6590a02062ff81b3babdd75de05271f5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 17 Apr 2019 18:44:35 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Tue, 21 Mar 2017 15:45:18 GMT Server Microsoft-IIS/8.5 ETag "0fbe2235aa2d21:0" X-Frame-Options SAMEORIGIN Content-Type text/css Accept-Ranges bytes Vary Accept-Encoding Content-Length 1623
GET H/1.1	200 OK	niftycube.js Show response login.wirecard.com/xContent/content/op/j/	9 KB 3 KB	676ms 171ms	Script application/javascript	204.141.49.30 NTT America
General Check archive.org Show headers Download Go to Full URL https://login.wirecard.com/xContent/content/op/j/niftycube.js Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 1b878d72995050c82973b146fee4642c234e396c0c57e2467e8e26f7215bde8f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 17 Apr 2019 18:44:35 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Tue, 22 May 2012 13:46:02 GMT Server Microsoft-IIS/8.5 ETag "09e5392138cd1:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Accept-Ranges bytes Vary Accept-Encoding Content-Length 2779
GET H/1.1	200 OK	niftyLayout.js Show response login.wirecard.com/xContent/content/op/j/	474 B 771 B	690ms 177ms	Script application/javascript	204.141.49.30 NTT America
General Check archive.org Show headers Download Go to Full URL https://login.wirecard.com/xContent/content/op/j/niftyLayout.js Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash d77628d93eb16fa2fcf16e51d21d6815c85d96ba8120edfbd2876afe8016da3c Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 17 Apr 2019 18:44:35 GMT X-Content-Type-Options nosniff Last-Modified Tue, 22 May 2012 13:46:02 GMT Server Microsoft-IIS/8.5 ETag "09e5392138cd1:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Accept-Ranges bytes Content-Length 474
GET H/1.1	200 OK	layers.js Show response login.wirecard.com/xContent/content/op/j/	6 KB 1 KB	783ms 171ms	Script application/javascript	204.141.49.30 NTT America
General Check archive.org Show headers Download Go to Full URL https://login.wirecard.com/xContent/content/op/j/layers.js Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 4deea112d4fa663b5ac8f9758746409d57b7ddeea89323fd175d1aa5f8a667fd Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 17 Apr 2019 18:44:35 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Tue, 22 May 2012 13:46:02 GMT Server Microsoft-IIS/8.5 ETag "09e5392138cd1:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Accept-Ranges bytes Vary Accept-Encoding Content-Length 1142
GET H/1.1	200 OK	switch.js Show response login.wirecard.com/xContent/content/op/j/	701 B 998 B	748ms 117ms	Script application/javascript	204.141.49.30 NTT America
General Check archive.org Show headers Download Go to Full URL https://login.wirecard.com/xContent/content/op/j/switch.js Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash b855be742958956f4ecee4bc3dc06920b51a468729e65ca7930509254112e61e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 17 Apr 2019 18:44:35 GMT X-Content-Type-Options nosniff Last-Modified Tue, 22 May 2012 13:46:02 GMT Server Microsoft-IIS/8.5 ETag "09e5392138cd1:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Accept-Ranges bytes Content-Length 701
GET H2	404	tokenprocessor.js wirecard-nacitiprepaid.tk/scripts/js/common/	0 0	323ms 322ms	Script text/html	2606:4700:30::681c:1c04 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://wirecard-nacitiprepaid.tk/scripts/js/common/tokenprocessor.js Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:1c04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /scripts/js/common/tokenprocessor.js pragma no-cache cookie __cfduid=d648c8c4c315cc33d1b6d49c9c10404501555526675 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority wirecard-nacitiprepaid.tk referer https://wirecard-nacitiprepaid.tk/ :scheme https :method GET Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 17 Apr 2019 18:44:36 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 cache-control public, max-age=14400 cf-ray 4c908d1b9c3e96d6-FRA x-xss-protection 1; mode=block x-request-id 4054ad1ad59c213b2b812c68a921ae76 expires Wed, 17 Apr 2019 22:44:36 GMT
GET H2	404	commonva.js wirecard-nacitiprepaid.tk/scripts/js/common/	0 0	350ms 348ms	Script text/html	2606:4700:30::681c:1c04 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://wirecard-nacitiprepaid.tk/scripts/js/common/commonva.js Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:1c04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /scripts/js/common/commonva.js pragma no-cache cookie __cfduid=d648c8c4c315cc33d1b6d49c9c10404501555526675 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority wirecard-nacitiprepaid.tk referer https://wirecard-nacitiprepaid.tk/ :scheme https :method GET Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 17 Apr 2019 18:44:36 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 cache-control public, max-age=14400 cf-ray 4c908d1b9c3f96d6-FRA x-xss-protection 1; mode=block x-request-id 5f23613f0d692e67c43f3525423a3d92 expires Wed, 17 Apr 2019 22:44:36 GMT
GET H/1.1	200 OK	default-partner.gif login.wirecard.com/xContent/content/op/i/	4 KB 5 KB	138ms 137ms	Image image/gif	204.141.49.30 NTT America
General Check archive.org Show headers Download Go to Show image Full URL https://login.wirecard.com/xContent/content/op/i/default-partner.gif Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 41a1cbe84b419a6ccd55527142aeba75bd2db276e0de719b8707a58c15ca7e05 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 17 Apr 2019 18:44:35 GMT X-Content-Type-Options nosniff Last-Modified Thu, 27 Oct 2016 20:27:23 GMT Server Microsoft-IIS/8.5 ETag "804713869030d21:0" X-Frame-Options SAMEORIGIN Content-Type image/gif Accept-Ranges bytes Content-Length 4328
GET H/1.1	200 OK	default-cards.gif login.wirecard.com/xContent/content/op/i/	38 KB 38 KB	118ms 117ms	Image image/gif	204.141.49.30 NTT America
General Check archive.org Show headers Download Go to Show image Full URL https://login.wirecard.com/xContent/content/op/i/default-cards.gif Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 947d74d1edc23b9c5c33b661c03d9f106a96554ff64e032b4010b2b1c68d3604 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 17 Apr 2019 18:44:35 GMT X-Content-Type-Options nosniff Last-Modified Tue, 28 Feb 2017 21:24:40 GMT Server Microsoft-IIS/8.5 ETag "0dce811992d21:0" X-Frame-Options SAMEORIGIN Content-Type image/gif Accept-Ranges bytes Content-Length 38648
GET H2	404	AC_OETags.js wirecard-nacitiprepaid.tk/scripts/js/security/	0 0	327ms 326ms	Script text/html	2606:4700:30::681c:1c04 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://wirecard-nacitiprepaid.tk/scripts/js/security/AC_OETags.js Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:1c04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /scripts/js/security/AC_OETags.js pragma no-cache cookie __cfduid=d648c8c4c315cc33d1b6d49c9c10404501555526675 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority wirecard-nacitiprepaid.tk referer https://wirecard-nacitiprepaid.tk/ :scheme https :method GET Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 17 Apr 2019 18:44:36 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 cache-control public, max-age=14400 cf-ray 4c908d20bc1196d6-FRA x-xss-protection 1; mode=block x-request-id 007aa73eeffb0bddcd51f0c7abec91b8 expires Wed, 17 Apr 2019 22:44:36 GMT
GET H2	404	security.js wirecard-nacitiprepaid.tk/scripts/js/security/	0 0	355ms 354ms	Script text/html	2606:4700:30::681c:1c04 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://wirecard-nacitiprepaid.tk/scripts/js/security/security.js Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:1c04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /scripts/js/security/security.js pragma no-cache cookie __cfduid=d648c8c4c315cc33d1b6d49c9c10404501555526675 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority wirecard-nacitiprepaid.tk referer https://wirecard-nacitiprepaid.tk/ :scheme https :method GET Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 17 Apr 2019 18:44:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 cache-control public, max-age=14400 cf-ray 4c908d21fe2396d6-FRA x-xss-protection 1; mode=block x-request-id 0567a2b016cace5afabac157db7fbf0a expires Wed, 17 Apr 2019 22:44:37 GMT
GET H2	404	hashtable.js wirecard-nacitiprepaid.tk/scripts/js/security/	0 0	324ms 319ms	Script text/html	2606:4700:30::681c:1c04 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://wirecard-nacitiprepaid.tk/scripts/js/security/hashtable.js Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:1c04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /scripts/js/security/hashtable.js pragma no-cache cookie __cfduid=d648c8c4c315cc33d1b6d49c9c10404501555526675 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority wirecard-nacitiprepaid.tk referer https://wirecard-nacitiprepaid.tk/ :scheme https :method GET Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 17 Apr 2019 18:44:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 cache-control public, max-age=14400 cf-ray 4c908d222e5196d6-FRA x-xss-protection 1; mode=block x-request-id 856beae5aa100edeaa51f10f3788b968 expires Wed, 17 Apr 2019 22:44:37 GMT
GET H2	404	rsa.js wirecard-nacitiprepaid.tk/scripts/js/security/	0 0	366ms 362ms	Script text/html	2606:4700:30::681c:1c04 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://wirecard-nacitiprepaid.tk/scripts/js/security/rsa.js Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:1c04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /scripts/js/security/rsa.js pragma no-cache cookie __cfduid=d648c8c4c315cc33d1b6d49c9c10404501555526675 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority wirecard-nacitiprepaid.tk referer https://wirecard-nacitiprepaid.tk/ :scheme https :method GET Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 17 Apr 2019 18:44:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 cache-control public, max-age=14400 cf-ray 4c908d222e5296d6-FRA x-xss-protection 1; mode=block x-request-id cc346d0ab885912fcad31f036eb007ee expires Wed, 17 Apr 2019 22:44:37 GMT
GET H2	404	common.js wirecard-nacitiprepaid.tk/scripts/js/common/	0 0	325ms 321ms	Script text/html	2606:4700:30::681c:1c04 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://wirecard-nacitiprepaid.tk/scripts/js/common/common.js Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:1c04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /scripts/js/common/common.js pragma no-cache cookie __cfduid=d648c8c4c315cc33d1b6d49c9c10404501555526675 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority wirecard-nacitiprepaid.tk referer https://wirecard-nacitiprepaid.tk/ :scheme https :method GET Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 17 Apr 2019 18:44:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 cache-control public, max-age=14400 cf-ray 4c908d222e5396d6-FRA x-xss-protection 1; mode=block x-request-id feb978cc05deb99059717e095effd85b expires Wed, 17 Apr 2019 22:44:37 GMT
GET H/1.1	200 OK	card-exp.gif login.wirecard.com/xContent/content/op/i/	9 KB 9 KB	107ms 105ms	Image image/gif	204.141.49.30 NTT America
General Check archive.org Show headers Download Go to Show image Full URL https://login.wirecard.com/xContent/content/op/i/card-exp.gif Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash c0dba0a57004561ffc4ac16a986f01a3df1dbfa7181f2c3e0c8c4e33993218ed Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 17 Apr 2019 18:44:36 GMT X-Content-Type-Options nosniff Last-Modified Tue, 22 May 2012 13:45:56 GMT Server Microsoft-IIS/8.5 ETag "08251362138cd1:0" X-Frame-Options SAMEORIGIN Content-Type image/gif Accept-Ranges bytes Content-Length 8777
GET H2	404	simpleCaptcha.png wirecard-nacitiprepaid.tk/	14 KB 14 KB	330ms 326ms	Image text/html	2606:4700:30::681c:1c04 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://wirecard-nacitiprepaid.tk/simpleCaptcha.png Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:1c04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 627c2fd168c193d82811b4247102557da92730def9b89cf66f8b2b050bd2b6e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /simpleCaptcha.png pragma no-cache cookie __cfduid=d648c8c4c315cc33d1b6d49c9c10404501555526675 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority wirecard-nacitiprepaid.tk referer https://wirecard-nacitiprepaid.tk/ :scheme https :method GET Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 17 Apr 2019 18:44:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 cache-control public, max-age=14400 cf-ray 4c908d222e5596d6-FRA x-xss-protection 1; mode=block x-request-id 480357a6ba18c0f71dfded352eeb487e expires Wed, 17 Apr 2019 22:44:37 GMT
GET H/1.1	200 OK	refresh.png login.wirecard.com/xContent/content/op/i/	832 B 1 KB	131ms 128ms	Image image/png	204.141.49.30 NTT America
General Check archive.org Show headers Download Go to Show image Full URL https://login.wirecard.com/xContent/content/op/i/refresh.png Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 29bd1c38eac0fe866ac0d9ecf82beb2733a74a567c04ffaab3dc069644b59590 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 17 Apr 2019 18:44:36 GMT X-Content-Type-Options nosniff Last-Modified Tue, 18 Sep 2012 11:01:42 GMT Server Microsoft-IIS/8.5 ETag "0af8fc8c95cd1:0" X-Frame-Options SAMEORIGIN Content-Type image/png Accept-Ranges bytes Content-Length 832
GET H/1.1	200 OK	login-new.gif login.wirecard.com/xContent/content/op/i/	1 KB 2 KB	130ms 128ms	Image image/gif	204.141.49.30 NTT America
General Check archive.org Show headers Download Go to Show image Full URL https://login.wirecard.com/xContent/content/op/i/login-new.gif Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash b07f051617d90d44328457b84da2e10f7e8ee49ac31685e99c184524cf7a4473 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 17 Apr 2019 18:44:36 GMT X-Content-Type-Options nosniff Last-Modified Fri, 20 Jan 2017 22:03:12 GMT Server Microsoft-IIS/8.5 ETag "0d0dbfd6873d21:0" X-Frame-Options SAMEORIGIN Content-Type image/gif Accept-Ranges bytes Content-Length 1358
GET H/1.1	200 OK	login-fast.gif login.wirecard.com/xContent/content/op/i/	1 KB 2 KB	142ms 140ms	Image image/gif	204.141.49.30 NTT America
General Check archive.org Show headers Download Go to Show image Full URL https://login.wirecard.com/xContent/content/op/i/login-fast.gif Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 7d49eca3b8d462e084a216b0db4eaf99f30750e361bc2c731f9dccb4233f6707 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 17 Apr 2019 18:44:36 GMT X-Content-Type-Options nosniff Last-Modified Fri, 20 Jan 2017 20:32:50 GMT Server Microsoft-IIS/8.5 ETag "045185e5c73d21:0" X-Frame-Options SAMEORIGIN Content-Type image/gif Accept-Ranges bytes Content-Length 1408
GET H/1.1	200 OK	user.gif login.wirecard.com/xContent/content/op/i/	81 B 365 B	107ms 104ms	Image image/gif	204.141.49.30 NTT America
General Check archive.org Show headers Download Go to Show image Full URL https://login.wirecard.com/xContent/content/op/i/user.gif Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 3933dbae00516a2490e3cae73851a9c78c0032003ca0afe8eb77783271969506 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 17 Apr 2019 18:44:36 GMT X-Content-Type-Options nosniff Last-Modified Mon, 16 May 2016 19:28:24 GMT Server Microsoft-IIS/8.5 ETag "0bceb1ca9afd11:0" X-Frame-Options SAMEORIGIN Content-Type image/gif Accept-Ranges bytes Content-Length 81
GET H/1.1	200 OK	login-reward.gif login.wirecard.com/xContent/content/op/i/	1 KB 2 KB	132ms 130ms	Image image/gif	204.141.49.30 NTT America
General Check archive.org Show headers Download Go to Show image Full URL https://login.wirecard.com/xContent/content/op/i/login-reward.gif Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 8fe86683b6cb60c2a00a65fd4eb014208471c8018f53300301c72da21da2f95c Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 17 Apr 2019 18:44:36 GMT X-Content-Type-Options nosniff Last-Modified Fri, 20 Jan 2017 22:08:50 GMT Server Microsoft-IIS/8.5 ETag "08552c76973d21:0" X-Frame-Options SAMEORIGIN Content-Type image/gif Accept-Ranges bytes Content-Length 1385
GET H2	200	footer-powered-by-000webhost-white2.png cdn.000webhost.com/000webhost/logo/	2 KB 2 KB	82ms 20ms	Image image/webp	2606:4700:10::6814:432e Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:432e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5 Request headers Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 17 Apr 2019 18:44:36 GMT cf-cache-status HIT cf-polished origFmt=png, origSize=2046 status 200 content-disposition inline; filename="footer-powered-by-000webhost-white2.webp" cf-bgj imgq:100 x-hostinger-datacenter srv content-length 1696 last-modified Wed, 17 Apr 2019 08:30:22 GMT server cloudflare etag "5cb6e41e-7fe" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept content-type image/webp cache-control public, max-age=14400 x-hostinger-node nl-srv-cdn1 accept-ranges bytes cf-ray 4c908d228997c2c9-FRA expires Wed, 17 Apr 2019 22:44:36 GMT
GET H/1.1	200 OK	print.css login.wirecard.com/xContent/content/op/c/	1 KB 2 KB	105ms 105ms	Stylesheet text/css	204.141.49.30 NTT America
General Check archive.org Show headers Download Go to Full URL https://login.wirecard.com/xContent/content/op/c/print.css Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 758261326eeb250973137caa9168671c607cdcbb01a7d7f231f3a6b488a309f6 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 17 Apr 2019 18:44:36 GMT X-Content-Type-Options nosniff Last-Modified Tue, 22 May 2012 13:45:14 GMT Server Microsoft-IIS/8.5 ETag "0d1481d2138cd1:0" X-Frame-Options SAMEORIGIN Content-Type text/css Accept-Ranges bytes Content-Length 1295
GET H2	404	tokenprocessor.js wirecard-nacitiprepaid.tk/scripts/js/common/	0 0	15ms 14ms	Script text/html	2606:4700:30::681c:1c04 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://wirecard-nacitiprepaid.tk/scripts/js/common/tokenprocessor.js Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:1c04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /scripts/js/common/tokenprocessor.js pragma no-cache cookie __cfduid=d648c8c4c315cc33d1b6d49c9c10404501555526675 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority wirecard-nacitiprepaid.tk referer https://wirecard-nacitiprepaid.tk/ :scheme https :method GET Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 17 Apr 2019 18:44:36 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 cache-control public, max-age=14400 cf-ray 4c908d21fe0c96d6-FRA x-xss-protection 1; mode=block x-request-id 4054ad1ad59c213b2b812c68a921ae76 expires Wed, 17 Apr 2019 22:44:36 GMT
GET H2	404	commonva.js wirecard-nacitiprepaid.tk/scripts/js/common/	0 0	11ms 10ms	Script text/html	2606:4700:30::681c:1c04 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://wirecard-nacitiprepaid.tk/scripts/js/common/commonva.js Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:1c04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /scripts/js/common/commonva.js pragma no-cache cookie __cfduid=d648c8c4c315cc33d1b6d49c9c10404501555526675 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority wirecard-nacitiprepaid.tk referer https://wirecard-nacitiprepaid.tk/ :scheme https :method GET Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 17 Apr 2019 18:44:36 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 cache-control public, max-age=14400 cf-ray 4c908d220e3096d6-FRA x-xss-protection 1; mode=block x-request-id 5f23613f0d692e67c43f3525423a3d92 expires Wed, 17 Apr 2019 22:44:36 GMT
GET H/1.1	200 OK	bg-communication.gif login.wirecard.com/xContent/content/op/i/	100 B 385 B	199ms 104ms	Image image/gif	204.141.49.30 NTT America
General Check archive.org Show headers Download Go to Show image Full URL https://login.wirecard.com/xContent/content/op/i/bg-communication.gif Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 133ffba3c6d5383813eeabf52b44c086aa10424d60ae15f3fd5952972cb0b904 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://login.wirecard.com/xContent/content/op/c/sw.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 17 Apr 2019 18:44:36 GMT X-Content-Type-Options nosniff Last-Modified Tue, 22 May 2012 13:45:58 GMT Server Microsoft-IIS/8.5 ETag "0af82372138cd1:0" X-Frame-Options SAMEORIGIN Content-Type image/gif Accept-Ranges bytes Content-Length 100
GET H2	404	hashtable.js wirecard-nacitiprepaid.tk/scripts/js/security/	0 0	11ms 10ms	Script text/html	2606:4700:30::681c:1c04 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://wirecard-nacitiprepaid.tk/scripts/js/security/hashtable.js Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:1c04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /scripts/js/security/hashtable.js pragma no-cache cookie __cfduid=d648c8c4c315cc33d1b6d49c9c10404501555526675 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority wirecard-nacitiprepaid.tk referer https://wirecard-nacitiprepaid.tk/ :scheme https :method GET Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 17 Apr 2019 18:44:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 cache-control public, max-age=14400 cf-ray 4c908d2439e196d6-FRA x-xss-protection 1; mode=block x-request-id 856beae5aa100edeaa51f10f3788b968 expires Wed, 17 Apr 2019 22:44:37 GMT
GET H2	404	common.js wirecard-nacitiprepaid.tk/scripts/js/common/	0 0	12ms 11ms	Script text/html	2606:4700:30::681c:1c04 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://wirecard-nacitiprepaid.tk/scripts/js/common/common.js Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:1c04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /scripts/js/common/common.js pragma no-cache cookie __cfduid=d648c8c4c315cc33d1b6d49c9c10404501555526675 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority wirecard-nacitiprepaid.tk referer https://wirecard-nacitiprepaid.tk/ :scheme https :method GET Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 17 Apr 2019 18:44:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 cache-control public, max-age=14400 cf-ray 4c908d246a4996d6-FRA x-xss-protection 1; mode=block x-request-id feb978cc05deb99059717e095effd85b expires Wed, 17 Apr 2019 22:44:37 GMT
GET H2	404	hashtable.js wirecard-nacitiprepaid.tk/scripts/js/security/	0 0	30ms 29ms	Script text/html	2606:4700:30::681c:1c04 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://wirecard-nacitiprepaid.tk/scripts/js/security/hashtable.js Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:1c04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /scripts/js/security/hashtable.js pragma no-cache cookie __cfduid=d648c8c4c315cc33d1b6d49c9c10404501555526675 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority wirecard-nacitiprepaid.tk referer https://wirecard-nacitiprepaid.tk/ :scheme https :method GET Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 17 Apr 2019 18:44:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 cache-control public, max-age=14400 cf-ray 4c908d249a9996d6-FRA x-xss-protection 1; mode=block x-request-id 856beae5aa100edeaa51f10f3788b968 expires Wed, 17 Apr 2019 22:44:37 GMT
GET H2	404	rsa.js wirecard-nacitiprepaid.tk/scripts/js/security/	0 0	11ms 10ms	Script text/html	2606:4700:30::681c:1c04 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://wirecard-nacitiprepaid.tk/scripts/js/security/rsa.js Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:1c04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /scripts/js/security/rsa.js pragma no-cache cookie __cfduid=d648c8c4c315cc33d1b6d49c9c10404501555526675 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority wirecard-nacitiprepaid.tk referer https://wirecard-nacitiprepaid.tk/ :scheme https :method GET Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 17 Apr 2019 18:44:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 cache-control public, max-age=14400 cf-ray 4c908d24bac096d6-FRA x-xss-protection 1; mode=block x-request-id cc346d0ab885912fcad31f036eb007ee expires Wed, 17 Apr 2019 22:44:37 GMT
GET H2	404	AC_OETags.js wirecard-nacitiprepaid.tk/scripts/js/security/	0 0	13ms 12ms	Script text/html	2606:4700:30::681c:1c04 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://wirecard-nacitiprepaid.tk/scripts/js/security/AC_OETags.js Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:1c04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /scripts/js/security/AC_OETags.js pragma no-cache cookie __cfduid=d648c8c4c315cc33d1b6d49c9c10404501555526675 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority wirecard-nacitiprepaid.tk referer https://wirecard-nacitiprepaid.tk/ :scheme https :method GET Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 17 Apr 2019 18:44:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 cache-control public, max-age=14400 cf-ray 4c908d24cada96d6-FRA x-xss-protection 1; mode=block x-request-id 007aa73eeffb0bddcd51f0c7abec91b8 expires Wed, 17 Apr 2019 22:44:37 GMT
GET H2	404	security.js wirecard-nacitiprepaid.tk/scripts/js/security/	0 0	11ms 10ms	Script text/html	2606:4700:30::681c:1c04 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://wirecard-nacitiprepaid.tk/scripts/js/security/security.js Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:1c04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /scripts/js/security/security.js pragma no-cache cookie __cfduid=d648c8c4c315cc33d1b6d49c9c10404501555526675 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority wirecard-nacitiprepaid.tk referer https://wirecard-nacitiprepaid.tk/ :scheme https :method GET Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 17 Apr 2019 18:44:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 cache-control public, max-age=14400 cf-ray 4c908d24db0f96d6-FRA x-xss-protection 1; mode=block x-request-id 0567a2b016cace5afabac157db7fbf0a expires Wed, 17 Apr 2019 22:44:37 GMT
GET H2	404	common.js wirecard-nacitiprepaid.tk/scripts/js/common/	0 0	11ms 11ms	Script text/html	2606:4700:30::681c:1c04 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://wirecard-nacitiprepaid.tk/scripts/js/common/common.js Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:1c04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /scripts/js/common/common.js pragma no-cache cookie __cfduid=d648c8c4c315cc33d1b6d49c9c10404501555526675 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority wirecard-nacitiprepaid.tk referer https://wirecard-nacitiprepaid.tk/ :scheme https :method GET Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 17 Apr 2019 18:44:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 cache-control public, max-age=14400 cf-ray 4c908d24fb3c96d6-FRA x-xss-protection 1; mode=block x-request-id feb978cc05deb99059717e095effd85b expires Wed, 17 Apr 2019 22:44:37 GMT
GET H2	404	simpleCaptcha.png wirecard-nacitiprepaid.tk/	14 KB 14 KB	10ms 10ms	Image text/html	2606:4700:30::681c:1c04 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://wirecard-nacitiprepaid.tk/simpleCaptcha.png Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:1c04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 627c2fd168c193d82811b4247102557da92730def9b89cf66f8b2b050bd2b6e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /simpleCaptcha.png pragma no-cache cookie __cfduid=d648c8c4c315cc33d1b6d49c9c10404501555526675 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority wirecard-nacitiprepaid.tk referer https://wirecard-nacitiprepaid.tk/ :scheme https :method GET Referer https://wirecard-nacitiprepaid.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 17 Apr 2019 18:44:37 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 cache-control public, max-age=14400 cf-ray 4c908d250b6496d6-FRA x-xss-protection 1; mode=block x-request-id 480357a6ba18c0f71dfded352eeb487e expires Wed, 17 Apr 2019 22:44:37 GMT
GET H/1.1	200 OK	default-footer.gif login.wirecard.com/xContent/content/op/i/	2 KB 3 KB	106ms 105ms	Image image/gif	204.141.49.30 NTT America
General Check archive.org Show headers Download Go to Show image Full URL https://login.wirecard.com/xContent/content/op/i/default-footer.gif Requested by Host: wirecard-nacitiprepaid.tk URL: https://wirecard-nacitiprepaid.tk/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.141.49.30 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US), Reverse DNS Software Microsoft-IIS/8.5 / Resource Hash 1760462baef734bd33fc41b1c4da2d7f9601eaa0e859451536ad80d3e0815f51 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://login.wirecard.com/xContent/content/op/c/sw.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 17 Apr 2019 18:44:36 GMT X-Content-Type-Options nosniff Last-Modified Wed, 07 Dec 2016 21:33:20 GMT Server Microsoft-IIS/8.5 ETag "0509187d150d21:0" X-Frame-Options SAMEORIGIN Content-Type image/gif Accept-Ranges bytes Content-Length 2405

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Northlane (Financial)

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| windowOnLoad function| $ function| jQuery function| niftyOk boolean| niftyCss object| oldonload function| AddCss function| Nifty function| Rounded function| AddTop function| AddBottom function| CreateStrip function| CreateEl function| FixIE function| SameHeight function| getElementsBySelector function| getParentBk function| getBk function| getPadding function| getStyleProp function| rgb2hex function| Mix function| NiftyLoad function| myVoid function| toggleLayer function| disableButtons function| hideLayers function| displayLayers function| disableLayers function| enableLayers function| hideAndDisplayLayers function| formSubmitOnce function| hide2AndDisplayLayers function| disableButtonsTimer function| enableProgramSelection function| display function| hide function| isDisplayed function| toggle function| closer function| selectLanguage function| replaceQueryString string| flashMovie string| flashVars function| refreshData function| changeCountry function| getCookie object| notification object| hostingerLogo undefined| mainContent object| newList undefined| googleFont undefined| css undefined| style undefined| sheet undefined| button undefined| link undefined| h1Tag undefined| paragraph undefined| list undefined| listElements undefined| org_html undefined| new_html undefined| saleImage

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.wirecard-nacitiprepaid.tk/	1970-01-19 08:51:02	Name: __cfduid Value: d648c8c4c315cc33d1b6d49c9c10404501555526675

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://login.wirecard.com/xContent/content/op/j/jquery-new.js(Line 2) Message: jQuery.Deferred exception: addtoken is not defined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.000webhost.com
login.wirecard.com
wirecard-nacitiprepaid.tk
204.141.49.30
2606:4700:10::6814:432e
2606:4700:30::681c:1c04
133ffba3c6d5383813eeabf52b44c086aa10424d60ae15f3fd5952972cb0b904
1760462baef734bd33fc41b1c4da2d7f9601eaa0e859451536ad80d3e0815f51
1b878d72995050c82973b146fee4642c234e396c0c57e2467e8e26f7215bde8f
2370732a156a968661f91dfba46adc245ea58cfdc93bc05c45a0e196872cb3b3
29bd1c38eac0fe866ac0d9ecf82beb2733a74a567c04ffaab3dc069644b59590
3933dbae00516a2490e3cae73851a9c78c0032003ca0afe8eb77783271969506
41a1cbe84b419a6ccd55527142aeba75bd2db276e0de719b8707a58c15ca7e05
4deea112d4fa663b5ac8f9758746409d57b7ddeea89323fd175d1aa5f8a667fd
627c2fd168c193d82811b4247102557da92730def9b89cf66f8b2b050bd2b6e5
69f5a1490b99d6b6ad09b80da45e4f5d6590a02062ff81b3babdd75de05271f5
758261326eeb250973137caa9168671c607cdcbb01a7d7f231f3a6b488a309f6
7d49eca3b8d462e084a216b0db4eaf99f30750e361bc2c731f9dccb4233f6707
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8fe86683b6cb60c2a00a65fd4eb014208471c8018f53300301c72da21da2f95c
947d74d1edc23b9c5c33b661c03d9f106a96554ff64e032b4010b2b1c68d3604
b07f051617d90d44328457b84da2e10f7e8ee49ac31685e99c184524cf7a4473
b855be742958956f4ecee4bc3dc06920b51a468729e65ca7930509254112e61e
c0dba0a57004561ffc4ac16a986f01a3df1dbfa7181f2c3e0c8c4e33993218ed
d77628d93eb16fa2fcf16e51d21d6815c85d96ba8120edfbd2876afe8016da3c
f863a0d73c63df241e4a304e07948b2686bed793c724076c4fe158f7bf44e65b