urlscan.io logo urlscan.io
SecurityTrails logo

138.69.165.128 Open in urlscan Pro
138.69.165.128  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://138.69.165.128/en/about/faq_account.shtml#:~:text=If%20your%20tag%20is%20lost,and%20charges%20on%20your%20account.
Effective URL: https://138.69.165.128/en/about/faq_account.shtml
Submission: On May 08 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 3 domains to perform 32 HTTP transactions. The main IP is 138.69.165.128, located in Latham, United States and belongs to AS11676, US. The main domain is 138.69.165.128.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 13th 2019. Valid for: 2 years.
This is the only time 138.69.165.128 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 138.69.165.128 11676 (AS11676)
1 3 2.16.186.35 20940 (AKAMAI-ASN1)
1 6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.184.245.88 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
32 7
20    138.69.165.128 (Latham, United States)

ASN11676 (AS11676, US)
PTR: devwkflow.etimspayments.com
138.69.165.128
3    2.16.186.35 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-35.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
6    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
1    18.184.245.88 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-245-88.eu-central-1.compute.amazonaws.com
bs.serving-sys.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleapis.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
clients1.google.com
Apex Domain
Subdomains		 Transfer
9 google.com
www.google.com — Cisco Umbrella Rank: 2
cse.google.com — Cisco Umbrella Rank: 2816
clients1.google.com — Cisco Umbrella Rank: 436
377 KB
4 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 2406
bs.serving-sys.com — Cisco Umbrella Rank: 1414
24 KB
1 googleapis.com
www.googleapis.com — Cisco Umbrella Rank: 24
117 B
32 3
Domain Requested by
6 www.google.com 1 redirects www.google.com
138.69.165.128
3 secure-ds.serving-sys.com 1 redirects 138.69.165.128
2 cse.google.com 138.69.165.128
www.google.com
1 clients1.google.com 138.69.165.128
1 www.googleapis.com 138.69.165.128
1 bs.serving-sys.com secure-ds.serving-sys.com
32 6
Subject Issuer Validity Valid
*.txtag.org
DigiCert SHA2 Secure Server CA		 2019-02-13 -
2021-02-13		 2 years crt.sh
secure-ds.serving-sys.com
R3		 2023-05-02 -
2023-07-31		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
bs.serving-sys.com
Amazon RSA 2048 M02		 2023-03-11 -
2024-04-08		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://138.69.165.128/en/about/faq_account.shtml
Frame ID: C012C46756960822EFBFC9CFA55F9181
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TxTagsearch

Detected technologies

Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

32
Requests

31 %
HTTPS

57 %
IPv6

3
Domains

6
Subdomains

7
IPs

2
Countries

975 kB
Transfer

1149 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://www.google.com/cse/cse.js?cx=003448975604830486287:rluwnnd1agc HTTP 301
  • https://cse.google.com/cse/cse.js?cx=003448975604830486287:rluwnnd1agc
Request Chain 19
  • https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/9/5179 HTTP 302
  • https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request faq_account.shtml
138.69.165.128/en/about/ 		19 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://138.69.165.128/en/about/faq_account.shtml
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
138.69.165.128 Latham, United States, ASN11676 (AS11676, US),
Reverse DNS
devwkflow.etimspayments.com
Software
/
Resource Hash
e56cce3ad22ff4d8da79a9fa71b053ce307989aec1af40759a77f386fc052c6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
19415
Content-Type
text/html
Date
Mon, 08 May 2023 00:27:11 GMT
Server
Strict-Transport-Security
max-age=31536000
X-ASPNET-VERSION
X-Frame-Options
SAMEORIGIN
X-POWERED-BY
ezpass.css
138.69.165.128/en/common/ 		40 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://138.69.165.128/en/common/ezpass.css
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/about/faq_account.shtml
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
138.69.165.128 Latham, United States, ASN11676 (AS11676, US),
Reverse DNS
devwkflow.etimspayments.com
Software
/
Resource Hash
aa6c8d0e232df50b47858f694e2befc6a73b5b795db66eb169902e4a9edf2dca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/en/about/faq_account.shtml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 08 May 2023 00:27:11 GMT
Last-Modified
Wed, 08 Jan 2020 15:15:22 GMT
Server
X-ASPNET-VERSION
ETag
"d3e52e7236c6d51:0"
X-POWERED-BY
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
40975
jquery-ui-1.12.1.custom.css
138.69.165.128/en/common/ 		36 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://138.69.165.128/en/common/jquery-ui-1.12.1.custom.css
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/about/faq_account.shtml
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
138.69.165.128 Latham, United States, ASN11676 (AS11676, US),
Reverse DNS
devwkflow.etimspayments.com
Software
/
Resource Hash
a7ac54f58ba507b13621ceb6fcf5fe879f5ac9bdcf049d16153110c6ad048c7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/en/about/faq_account.shtml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 08 May 2023 00:27:11 GMT
Last-Modified
Thu, 16 May 2019 09:14:42 GMT
Server
X-ASPNET-VERSION
ETag
"0ada0cbc7bd51:0"
X-POWERED-BY
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
37326
jquery-2.2.4.min.js
138.69.165.128/en/common/js/ 		84 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://138.69.165.128/en/common/js/jquery-2.2.4.min.js
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/about/faq_account.shtml
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
138.69.165.128 Latham, United States, ASN11676 (AS11676, US),
Reverse DNS
devwkflow.etimspayments.com
Software
/
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/en/about/faq_account.shtml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 08 May 2023 00:27:11 GMT
Last-Modified
Thu, 16 May 2019 09:26:48 GMT
Server
X-ASPNET-VERSION
ETag
"07c5b7cc9bd51:0"
X-POWERED-BY
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
85578
ui.core.js
138.69.165.128/en/common/js/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://138.69.165.128/en/common/js/ui.core.js
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/about/faq_account.shtml
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
138.69.165.128 Latham, United States, ASN11676 (AS11676, US),
Reverse DNS
devwkflow.etimspayments.com
Software
/
Resource Hash
0ed291dd031b560da403ed790f83d43f4e8f04eb0848b8fb63d3349539a10fba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/en/about/faq_account.shtml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 08 May 2023 00:27:11 GMT
Last-Modified
Thu, 10 Oct 2013 18:37:18 GMT
Server
X-ASPNET-VERSION
ETag
"0836cbfe7c5ce1:0"
X-POWERED-BY
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
7514
jquery.easing.js
138.69.165.128/en/common/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://138.69.165.128/en/common/js/jquery.easing.js
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/about/faq_account.shtml
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
138.69.165.128 Latham, United States, ASN11676 (AS11676, US),
Reverse DNS
devwkflow.etimspayments.com
Software
/
Resource Hash
cda4b38b39e069aa2813486847385336d428d24a0c67734594116100328774e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/en/about/faq_account.shtml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 08 May 2023 00:27:11 GMT
Last-Modified
Thu, 10 Oct 2013 18:37:18 GMT
Server
X-ASPNET-VERSION
ETag
"0836cbfe7c5ce1:0"
X-POWERED-BY
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
8101
jquery.cookie.js
138.69.165.128/en/common/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://138.69.165.128/en/common/js/jquery.cookie.js
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/about/faq_account.shtml
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
138.69.165.128 Latham, United States, ASN11676 (AS11676, US),
Reverse DNS
devwkflow.etimspayments.com
Software
/
Resource Hash
4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/en/about/faq_account.shtml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 08 May 2023 00:27:11 GMT
Last-Modified
Thu, 10 Oct 2013 18:37:18 GMT
Server
X-ASPNET-VERSION
ETag
"0836cbfe7c5ce1:0"
X-POWERED-BY
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
4246
jquery.scrollfollow.js
138.69.165.128/en/common/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://138.69.165.128/en/common/js/jquery.scrollfollow.js
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/about/faq_account.shtml
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
138.69.165.128 Latham, United States, ASN11676 (AS11676, US),
Reverse DNS
devwkflow.etimspayments.com
Software
/
Resource Hash
71a24bdeec0abd170a3b43bf994d1c7bcbe19e63415cf05b54f425f22a33829e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/en/about/faq_account.shtml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 08 May 2023 00:27:11 GMT
Last-Modified
Thu, 10 Oct 2013 18:37:18 GMT
Server
X-ASPNET-VERSION
ETag
"0836cbfe7c5ce1:0"
X-POWERED-BY
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
7682
jquery-ui-1.12.1.custom.min.js
138.69.165.128/en/common/js/ 		248 KB
248 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://138.69.165.128/en/common/js/jquery-ui-1.12.1.custom.min.js
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/about/faq_account.shtml
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
138.69.165.128 Latham, United States, ASN11676 (AS11676, US),
Reverse DNS
devwkflow.etimspayments.com
Software
/
Resource Hash
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/en/about/faq_account.shtml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 08 May 2023 00:27:11 GMT
Last-Modified
Thu, 16 May 2019 09:25:28 GMT
Server
X-ASPNET-VERSION
ETag
"074ac4cc9bd51:0"
X-POWERED-BY
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
253669
ezpass.js
138.69.165.128/en/common/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://138.69.165.128/en/common/js/ezpass.js
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/about/faq_account.shtml
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
138.69.165.128 Latham, United States, ASN11676 (AS11676, US),
Reverse DNS
devwkflow.etimspayments.com
Software
/
Resource Hash
db9bcb38d91083ab87156963ad33a03000e67d1f4be2a20722082955356b4831
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/en/about/faq_account.shtml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 08 May 2023 00:27:11 GMT
Last-Modified
Wed, 19 Mar 2014 19:31:49 GMT
Server
X-ASPNET-VERSION
ETag
"80802fdfa943cf1:0"
X-POWERED-BY
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
4746
messages.css
138.69.165.128/en/custom/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://138.69.165.128/en/custom/messages.css
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/about/faq_account.shtml
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
138.69.165.128 Latham, United States, ASN11676 (AS11676, US),
Reverse DNS
devwkflow.etimspayments.com
Software
/
Resource Hash
600d052789dfbb30f615c7f3496e9ee5affbc5b9cafa4a4358d76bf5764c2b05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/en/about/faq_account.shtml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 08 May 2023 00:27:11 GMT
Last-Modified
Tue, 01 Jul 2014 21:20:52 GMT
Server
X-ASPNET-VERSION
ETag
"01214567295cf1:0"
X-POWERED-BY
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
2095
home.js
138.69.165.128/en/home/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://138.69.165.128/en/home/home.js
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/about/faq_account.shtml
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
138.69.165.128 Latham, United States, ASN11676 (AS11676, US),
Reverse DNS
devwkflow.etimspayments.com
Software
/
Resource Hash
29cb3eab4d9bf78c2c5c6e8cec474e364851fa350ead037d2a38ada56d5c664c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/en/about/faq_account.shtml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 08 May 2023 00:27:11 GMT
Last-Modified
Wed, 13 Dec 2017 19:47:53 GMT
Server
X-ASPNET-VERSION
ETag
"6e1733444b74d31:0"
X-POWERED-BY
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
7321
slides.min.jquery.js
138.69.165.128/en/common/js/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://138.69.165.128/en/common/js/slides.min.jquery.js
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/about/faq_account.shtml
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
138.69.165.128 Latham, United States, ASN11676 (AS11676, US),
Reverse DNS
devwkflow.etimspayments.com
Software
/
Resource Hash
56aa55fef8efc2df0844e91d58884f9722533ce8fcd1ed8fe82fc0591387156c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/en/about/faq_account.shtml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 08 May 2023 00:27:11 GMT
Last-Modified
Thu, 10 Oct 2013 18:37:18 GMT
Server
X-ASPNET-VERSION
ETag
"0836cbfe7c5ce1:0"
X-POWERED-BY
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
6784
logo_txtag_trans.gif
138.69.165.128/en/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://138.69.165.128/en/images/logo_txtag_trans.gif
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/about/faq_account.shtml
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
138.69.165.128 Latham, United States, ASN11676 (AS11676, US),
Reverse DNS
devwkflow.etimspayments.com
Software
/
Resource Hash
5be8b03bc9927f46769c1af060624d99512a20c040b077fdcc89542e9dcd5c9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/en/about/faq_account.shtml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 08 May 2023 00:27:11 GMT
Last-Modified
Thu, 10 Oct 2013 18:37:21 GMT
Server
X-ASPNET-VERSION
ETag
"804636c1e7c5ce1:0"
X-POWERED-BY
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
2115
bg_splash_faqs.jpg
138.69.165.128/en/images/splash/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://138.69.165.128/en/images/splash/bg_splash_faqs.jpg
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/about/faq_account.shtml
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
138.69.165.128 Latham, United States, ASN11676 (AS11676, US),
Reverse DNS
devwkflow.etimspayments.com
Software
/
Resource Hash
072094ebd2bb7b212f0794d6d3cf0bdc7847f9e444d250a1c24199fc24b69b36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/en/about/faq_account.shtml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 08 May 2023 00:27:11 GMT
Last-Modified
Mon, 21 Oct 2013 17:17:32 GMT
Server
X-ASPNET-VERSION
ETag
"01e4a6d81cece1:0"
X-POWERED-BY
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
19982
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		76 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/about/faq_account.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-35.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9584e01c9e0b3e5a9eab6e960eeda441896c6f0da4d40062a4925b9f63370738

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 00:27:20 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 15:16:07 GMT
server
AmazonS3
x-amz-request-id
30BHQWK760RF8BTY
x-amz-cf-pop
FRA56-C1
etag
"30ffb8d6ca1409bc5da2d7dad3c36fe1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
eHutYfJYZ-aDE95KicO1DIg61I_OXPm3c_wI-FoWMgYpKgXEc8G4Sw==
x-amz-id-2
5pUb+SWNDarq5NA+O/xAMcZnNwPwsjwkbqzds4WPw5pdxRyuzgHrzKR+60mOYhzBsHDP0QlqSm8=
content-length
22605
pic1.jpg
138.69.165.128/en/images/header/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://138.69.165.128/en/images/header/pic1.jpg
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/about/faq_account.shtml
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
138.69.165.128 Latham, United States, ASN11676 (AS11676, US),
Reverse DNS
devwkflow.etimspayments.com
Software
/
Resource Hash
31a8f40c6192e00666a22f2cd18a381fb04c1c78c1334ed37e9a323d6aa239a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/en/about/faq_account.shtml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 08 May 2023 00:27:11 GMT
Last-Modified
Fri, 20 Sep 2013 18:14:53 GMT
Server
X-ASPNET-VERSION
ETag
"80cc7a4d2db6ce1:0"
X-POWERED-BY
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
48764
cse.js
cse.google.com/cse/
Redirect Chain
  • https://www.google.com/cse/cse.js?cx=003448975604830486287:rluwnnd1agc
  • https://cse.google.com/cse/cse.js?cx=003448975604830486287:rluwnnd1agc
9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse/cse.js?cx=003448975604830486287:rluwnnd1agc
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/about/faq_account.shtml
Protocol
H2
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
92bcf2f60cb84bfa37725ae2b9a2d9bf41227a8c7db41ecf2aa650a9b42ec6bc
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-oizt405sFc_oeJy41uVqVA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-oizt405sFc_oeJy41uVqVA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding
br
date
Mon, 08 May 2023 00:27:20 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2992
x-xss-protection
0
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires
Mon, 08 May 2023 00:27:20 GMT

Redirect headers

date
Mon, 08 May 2023 00:27:20 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://cse.google.com/cse/cse.js?cx=003448975604830486287:rluwnnd1agc
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
267
x-xss-protection
0
expires
Mon, 08 May 2023 00:57:20 GMT
bg_wrapper_repeat.jpg
138.69.165.128/en/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://138.69.165.128/en/images/bg_wrapper_repeat.jpg
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/common/ezpass.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
138.69.165.128 Latham, United States, ASN11676 (AS11676, US),
Reverse DNS
devwkflow.etimspayments.com
Software
/
Resource Hash
4fa29bb28f7f9577591faf175f478e77346db2dadc74a0948b8fbf7d712fc076
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/en/common/ezpass.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 08 May 2023 00:27:11 GMT
Last-Modified
Thu, 10 Oct 2013 18:37:21 GMT
Server
X-ASPNET-VERSION
ETag
"804636c1e7c5ce1:0"
X-POWERED-BY
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
22612
nav_break.png
138.69.165.128/en/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://138.69.165.128/en/images/nav_break.png
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/common/ezpass.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
138.69.165.128 Latham, United States, ASN11676 (AS11676, US),
Reverse DNS
devwkflow.etimspayments.com
Software
/
Resource Hash
39ca22cc0236cd109535cd189e66c3b46d8962080812fac8820edde8c664c742
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/en/common/ezpass.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 08 May 2023 00:27:11 GMT
Last-Modified
Thu, 10 Oct 2013 18:37:21 GMT
Server
X-ASPNET-VERSION
ETag
"804636c1e7c5ce1:0"
X-POWERED-BY
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1163
OneTagDefaultConfig.json
secure-ds.serving-sys.com/BurstingCachedScripts/
Redirect Chain
  • https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/9/5179
  • https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
11 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/about/faq_account.shtml
Protocol
H2
Server
2.16.186.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-35.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9a0f6d26b776c4a0c7c1bdb059e4d204e3312ee5eda177cf55a43fcf033e3308

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 00:27:20 GMT
last-modified
Wed, 26 Jan 2022 16:10:25 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
etag
"8a10775ca6ced1445e22e0b4208c25b5"
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
content-length
11
x-amz-cf-id
N4I9OvGNiYSlKdvfgVUJlsnu-ZbH82zsm6jdiXFlrLJZwBgJmpgHcQ==

Redirect headers

location
https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
access-control-allow-origin
*
date
Mon, 08 May 2023 00:27:20 GMT
server
AkamaiGHost
accept-ranges
bytes
content-length
0
HomePage.do
138.69.165.128/vector/homepage/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://138.69.165.128/vector/homepage/HomePage.do?ajax=getMessages&language=ENU
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/home/home.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
138.69.165.128 Latham, United States, ASN11676 (AS11676, US),
Reverse DNS
devwkflow.etimspayments.com
Software
/
Resource Hash
e1b0a10649c4b92f828523efc2ebe135ea9488179a2816888d1e84f786202dbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/en/about/faq_account.shtml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 08 May 2023 00:27:13 GMT
Server
X-ASPNET-VERSION
X-POWERED-BY
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
cachemessage.asp
138.69.165.128/en/custom/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://138.69.165.128/en/custom/cachemessage.asp
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/common/js/jquery-2.2.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
138.69.165.128 Latham, United States, ASN11676 (AS11676, US),
Reverse DNS
devwkflow.etimspayments.com
Software
/
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://138.69.165.128/en/about/faq_account.shtml
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 08 May 2023 00:27:11 GMT
Server
X-ASPNET-VERSION
X-POWERED-BY
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Content-Length
1245
cse_element__en.js
www.google.com/cse/static/element/8e77c7877b8339e2/ 		308 KB
308 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/8e77c7877b8339e2/cse_element__en.js?usqp=CAM%3D
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=003448975604830486287:rluwnnd1agc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f45457d866bd718cde7e184dc909841b02a946eaa210ec6554469f5624c08b72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 00:34:34 GMT
x-content-type-options
nosniff
age
172366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314934
x-xss-protection
0
last-modified
Mon, 01 May 2023 18:40:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sun, 05 May 2024 00:34:34 GMT
default+en.css
www.google.com/cse/static/element/8e77c7877b8339e2/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/8e77c7877b8339e2/default+en.css
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=003448975604830486287:rluwnnd1agc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 20:58:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9102
x-xss-protection
0
last-modified
Mon, 01 May 2023 18:40:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sun, 05 May 2024 20:58:54 GMT
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=003448975604830486287:rluwnnd1agc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 23:53:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Mon, 08 May 2023 00:43:52 GMT
Serving
bs.serving-sys.com/ 		384 B
868 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=5179&dispType=js&sync=0&sessionid=4302198154822643213&pageurl=$$https%3A%2F%2F138.69.165.128%2Fen%2Fabout%2Ffaq_account.shtml$$&activityValues=$$Session%3D8880374321636938249$$&ns=0&rnd=6381250451434248&ccpastatus=1
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.245.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-245-88.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0112432df6bbb033c4b1978962dd8d01953e54f3ecf81b40c22fa1525d3c913c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 00:27:20 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
289
expires
Sun, 05-Jun-2005 22:00:00 GMT
async-ads.js
cse.google.com/adsense/search/ 		140 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/8e77c7877b8339e2/cse_element__en.js?usqp=CAM%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1658873477ef275f79fec84be7fbd506e6c313741a72c837466dda0881a3a876
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 00:27:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"7206891201335125315"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Mon, 08 May 2023 00:27:20 GMT
clear.png
www.google.com/cse/static/css/v2/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/8e77c7877b8339e2/default+en.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/cse/static/element/8e77c7877b8339e2/default+en.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 15:23:39 GMT
x-content-type-options
nosniff
age
119021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1018
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sun, 05 May 2024 15:23:39 GMT
branding.png
www.google.com/cse/static/images/1x/en/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/en/branding.png
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/about/faq_account.shtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 22:56:11 GMT
x-content-type-options
nosniff
age
91869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1372
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sun, 05 May 2024 22:56:11 GMT
generate_204
www.googleapis.com/ 		0
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/about/faq_account.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 00:27:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
clients1.google.com/ 		0
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clients1.google.com/generate_204
Requested by
Host: 138.69.165.128
URL: https://138.69.165.128/en/about/faq_account.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://138.69.165.128/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 00:27:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery function| MM_showHideLayers function| MM_swapImgRestore function| MM_swapImage boolean| submitFlag function| getCurrentDate function| initPCI function| disableBrowserBackButton function| captureEnterKey function| setAutoCompleteOff function| preventCrossFrameScripting function| preventBrowseBack function| printWindow function| closeWindow object| imagecache function| buttons function| headerImage number| SlideShowSpeed number| CrossFadeDuration object| Picture object| Caption undefined| tss number| iss number| jss number| pss object| preLoad function| runSlideShow function| getHTTPRequestObject function| getXMLHTTPRequestObject function| getXMLHTTPRequestObjectSync function| getXMLRequest object| xmlrequestHome function| getMessages function| setMessages function| runOnLoad function| locateAccount function| getAccountInfo function| checkLoggedIn function| setLoggedInInfo object| xmlhttpRequester object| versaTag object| ajax object| instance object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData object| __gcse undefined| oneTagObj function| ebDecode object| bsResponseObj object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId number| googleNDT_ number| googleAltLoader

3 Cookies

Domain/Path Name / Value
bs.serving-sys.com/ Name: OT_5179
Value: 1
.serving-sys.com/ Name: OT2
Value: 0001gX1sA8
.serving-sys.com/ Name: u2
Value: a4112389-d10b-45ae-883c-a81ff280f4a84Mt060

9 Console Messages

Source Level URL
Text
security warning URL: https://138.69.165.128/en/about/faq_account.shtml
Message:
Mixed Content: The page at 'https://138.69.165.128/en/about/faq_account.shtml' was loaded over HTTPS, but requested an insecure element 'https://138.69.165.128/en/images/logo_txtag_trans.gif'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security warning URL: https://138.69.165.128/en/about/faq_account.shtml
Message:
Mixed Content: The page at 'https://138.69.165.128/en/about/faq_account.shtml' was loaded over HTTPS, but requested an insecure element 'https://138.69.165.128/en/images/splash/bg_splash_faqs.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security warning URL: https://138.69.165.128/en/about/faq_account.shtml
Message:
Mixed Content: The page at 'https://138.69.165.128/en/about/faq_account.shtml' was loaded over HTTPS, but requested an insecure element 'https://138.69.165.128/en/images/header/pic1.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security warning URL: https://138.69.165.128/en/about/faq_account.shtml(Line 56)
Message:
Mixed Content: The page at 'https://138.69.165.128/en/about/faq_account.shtml' was loaded over HTTPS, but requested an insecure element 'https://138.69.165.128/en/images/logo_txtag_trans.gif'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security warning URL: https://138.69.165.128/en/common/js/jquery-2.2.4.min.js(Line 2)
Message:
Mixed Content: The page at 'https://138.69.165.128/en/about/faq_account.shtml' was loaded over HTTPS, but requested an insecure element 'https://138.69.165.128/en/images/bg_wrapper_repeat.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security warning URL: https://138.69.165.128/en/common/js/jquery-2.2.4.min.js(Line 2)
Message:
Mixed Content: The page at 'https://138.69.165.128/en/about/faq_account.shtml' was loaded over HTTPS, but requested an insecure element 'https://138.69.165.128/en/images/nav_break.png'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security warning URL: https://138.69.165.128/en/about/faq_account.shtml(Line 256)
Message:
Mixed Content: The page at 'https://138.69.165.128/en/about/faq_account.shtml' was loaded over HTTPS, but requested an insecure element 'https://138.69.165.128/en/images/splash/bg_splash_faqs.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
network error URL: https://138.69.165.128/en/custom/cachemessage.asp
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://138.69.165.128/vector/homepage/HomePage.do?ajax=getMessages&language=ENU
Message:
Failed to load resource: the server responded with a status of 500 (Internal server error)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bs.serving-sys.com
clients1.google.com
cse.google.com
secure-ds.serving-sys.com
www.google.com
www.googleapis.com
138.69.165.128
18.184.245.88
2.16.186.35
2a00:1450:4001:80e::2004
2a00:1450:4001:827::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:831::200e
0112432df6bbb033c4b1978962dd8d01953e54f3ecf81b40c22fa1525d3c913c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
072094ebd2bb7b212f0794d6d3cf0bdc7847f9e444d250a1c24199fc24b69b36
0ed291dd031b560da403ed790f83d43f4e8f04eb0848b8fb63d3349539a10fba
1658873477ef275f79fec84be7fbd506e6c313741a72c837466dda0881a3a876
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
29cb3eab4d9bf78c2c5c6e8cec474e364851fa350ead037d2a38ada56d5c664c
31a8f40c6192e00666a22f2cd18a381fb04c1c78c1334ed37e9a323d6aa239a4
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
39ca22cc0236cd109535cd189e66c3b46d8962080812fac8820edde8c664c742
4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5
4fa29bb28f7f9577591faf175f478e77346db2dadc74a0948b8fbf7d712fc076
56aa55fef8efc2df0844e91d58884f9722533ce8fcd1ed8fe82fc0591387156c
5be8b03bc9927f46769c1af060624d99512a20c040b077fdcc89542e9dcd5c9b
600d052789dfbb30f615c7f3496e9ee5affbc5b9cafa4a4358d76bf5764c2b05
71a24bdeec0abd170a3b43bf994d1c7bcbe19e63415cf05b54f425f22a33829e
92bcf2f60cb84bfa37725ae2b9a2d9bf41227a8c7db41ecf2aa650a9b42ec6bc
9584e01c9e0b3e5a9eab6e960eeda441896c6f0da4d40062a4925b9f63370738
9a0f6d26b776c4a0c7c1bdb059e4d204e3312ee5eda177cf55a43fcf033e3308
a7ac54f58ba507b13621ceb6fcf5fe879f5ac9bdcf049d16153110c6ad048c7c
aa6c8d0e232df50b47858f694e2befc6a73b5b795db66eb169902e4a9edf2dca
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
cda4b38b39e069aa2813486847385336d428d24a0c67734594116100328774e7
db9bcb38d91083ab87156963ad33a03000e67d1f4be2a20722082955356b4831
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e1b0a10649c4b92f828523efc2ebe135ea9488179a2816888d1e84f786202dbf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56cce3ad22ff4d8da79a9fa71b053ce307989aec1af40759a77f386fc052c6c
f45457d866bd718cde7e184dc909841b02a946eaa210ec6554469f5624c08b72