Submitted URL: https://t.ly/PM-Rehcharge-Yojana
Effective URL: https://mahacashback.com/PMR/
Submission: On October 04 via manual from IN — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is mahacashback.com.
TLS certificate: Issued by GTS CA 1P5 on September 19th 2023. Valid for: 3 months.
This is the only time mahacashback.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
3 2600:9000:249... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 103.231.212.226 18229 (CTRLS-AS-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
18 8
Apex Domain | Subdomains | Transfer
6 jsdelivr.plus | a.jsdelivr.plus | 21 KB
4 truepush.com | sdki.truepush.com — Cisco Umbrella Rank: 76833; sdk.truepush.com — Cisco Umbrella Rank: 112050 | 20 KB
2 jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 558 | 32 KB
2 mahacashback.com | mahacashback.com | 15 KB
1 google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 1878 | 254 B
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 111 | 91 KB
1 t.ly | t.ly — Cisco Umbrella Rank: 132437 | 1 KB
18 7
Domain Requested by
6 a.jsdelivr.plus mahacashback.com
3 sdki.truepush.com mahacashback.com
sdki.truepush.com
2 cdn.jsdelivr.net mahacashback.com
2 mahacashback.com mahacashback.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com mahacashback.com
1 sdk.truepush.com sdki.truepush.com
1 t.ly 1 redirects
18 8

This site contains no links.

Subject | Issuer | Validity | Valid
mahacashback.com | GTS CA 1P5 | 2023-09-19 - 2023-12-18 | 3 months
jsdelivr.plus | GTS CA 1P5 | 2023-08-27 - 2023-11-25 | 3 months
sdki.truepush.com | Amazon RSA 2048 M01 | 2023-07-26 - 2024-08-23 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year
*.truepush.com | R3 | 2023-09-14 - 2023-12-13 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months

This page contains 2 frames:

Primary Page: https://mahacashback.com/PMR/
Frame ID: 927E0F37FF2BD8A2D587A612136A219A
Requests: 16 HTTP requests in this frame

Frame: https://mahacashback.com/res/404.html
Frame ID: D70B2E709F934945CDDD5466B308F4A4
Requests: 1 HTTP requests in this frame

Page Title

Muft Recharge

Page URL History

  1. https://t.ly/PM-Rehcharge-Yojana HTTP 302
    https://mahacashback.com/PMR/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 18
HTTPS: 89 %
IPv6: 88 %
Domains: 7
Subdomains: 8
IPs: 8
Countries: 3
Transfer: 180 kB
Size: 532 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.ly/PM-Rehcharge-Yojana HTTP 302
    https://mahacashback.com/PMR/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://mahacashback.com/res/pu.html?seed=6765077532288966&pid=aa.co&c=freecharge&f=wa HTTP 302
  • https://mahacashback.com/res/404.html HTTP 302
  • https://mahacashback.com/res/404.html HTTP 302
  • https://mahacashback.com/res/404.html HTTP 302
  • https://mahacashback.com/res/404.html HTTP 302
  • https://mahacashback.com/res/404.html HTTP 302
  • https://mahacashback.com/res/404.html

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mahacashback.com/PMR/
Redirect Chain
  • https://t.ly/PM-Rehcharge-Yojana
  • https://mahacashback.com/PMR/
64 KB
13 KB
Document
General
Full URL
https://mahacashback.com/PMR/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cbd6de93ebf284b5004a5ec9be1122479badcf834e439dff494b28010fce464

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
810e8918de40b760-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 04 Oct 2023 15:42:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTADc8MLlCKd4AZnJJWLKwzyxDeK5QEriygTtwsZA7ZCiao%2F7ahbieA5aX%2FQ2FvL%2BAiXkbp14vuXsuEiZCAqOp34hkPY2B7bHAPGbbpxWcwgvxVZJh6svQe3LY8Ci4F7tW7U7VOhVd8hvgbTlBNQ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
810e89165d712c32-FRA
content-type
text/html; charset=UTF-8
date
Wed, 04 Oct 2023 15:42:34 GMT
location
https://mahacashback.com/PMR/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQHxJYCw%2Bc9FUFY7YTD2QjyQ%2Bl2pgEhVngjxm5qKpq95B3tsF%2Fx1ONbpk9eqmmvfrZj2k3Cx7XUvVR7bn3NsTw9rH%2BVddoCIbxsCfhowXDufWrOP%2BtNtFjduMSkXbgQikGI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-whom
tly-2
x-xss-protection
1; mode=block
style.css
a.jsdelivr.plus/res/17587776/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://a.jsdelivr.plus/res/17587776/css/style.css?_=v1.2
Requested by
Host: mahacashback.com
URL: https://mahacashback.com/PMR/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
339368589eb330e774e4a2c20d576d05fb3d558d9cb7d54f5bd30438983ae089

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mahacashback.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 15:42:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687048721
age
592
x-guploader-uploadid
ADPycduONVfp5BXAk0czPZuMk-jsiVXwZXHymTmcrL9op9km9xsbYq9xQgxlfUHWLl8Z-MPv361JwUZ2UCsi1qvpYhte1g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 18 Jun 2023 01:00:41 GMT
server
cloudflare
etag
W/"375c9e29e248e267d644e05d96426c2d"
vary
Accept-Encoding
x-goog-generation
1687050040985720
content-type
text/css
content-language
en
x-goog-hash
crc32c=7ZEpdQ==, md5=N1yeKeJI4mfWROBdlkJsLQ==
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1p20bMzNJESymGpgRYmmMJ3Rl3nwXKpO2cQ39S8g27MdCP10xCfJOIkNQh%2FkY%2BwWkbyq%2B40fNvGxJTTMrVO84yN106QQu5PIUqW1i2Pq2fwArLaoJAt9qvGyIkuul2oFP%2BjLQwPG2ZsFEVzhes%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
11158
cf-ray
810e891cbc7e3d4e-BOM
expires
Wed, 04 Oct 2023 16:29:44 GMT
app.js
sdki.truepush.com/sdk/v2.0.4/
1 KB
947 B
Script
General
Full URL
https://sdki.truepush.com/sdk/v2.0.4/app.js
Requested by
Host: mahacashback.com
URL: https://mahacashback.com/PMR/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:a00:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f14339d5f27bb4b1dfa21bcb66ee9b88cd8fae644c105c2d575f2e992e4877e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mahacashback.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 17:52:12 GMT
content-encoding
gzip
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
last-modified
Wed, 27 Jul 2022 04:37:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
2312721
etag
"e845fbcf21da794b6108ce90f9f43a77"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
581
x-amz-cf-id
vxTZXDSywJopS3AEd-BeUhbt_UC3sxh7ocrd9dhlcUH312u_L9mNWA==
jquery.min.js
cdn.jsdelivr.net/npm/jquery@2/dist/
84 KB
31 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery@2/dist/jquery.min.js
Requested by
Host: mahacashback.com
URL: https://mahacashback.com/PMR/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mahacashback.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 15:42:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
30789
x-jsd-version
2.2.4
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230106-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BaXU1mnRlU88ejH%2BtoRJweDFXux8Uo5TqlAnW0UCMVtU9xS%2BqQdZau4DUoy%2BUPUVV%2BQ7Axa7XPcsEvHLep283rRSuAdZ5t67ffSr7WUA%2FAE1iWtMWl9AqFfzpnEDaOlnZK4pc2e%2FGPercMhW78%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
810e891abb36903c-FRA
lazyload.min.js
cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/
2 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/lazyload.min.js
Requested by
Host: mahacashback.com
URL: https://mahacashback.com/PMR/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b3baa10ac55f4eece0c7e666eaddd51872b8ce9273671626bcccec8f86ead78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mahacashback.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 15:42:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
19379336
x-jsd-version
2.0.0-rc.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-yyz4521-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"8a2-ngY/Y9MDkyf1oyGHRNHDqclx9cM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EiH01dGetXU0v6LrqOyOKWAjdYmLJwLmrHhs7uVT1xahON9oyrL4yD5aWhFlwVm8YfgVN9jXec1TbF2vsz8T7Q2C7WbcOglB3bZVnvLzdLysVIjly3gUmS4O9BP%2F5FrjO%2FI5vhRb816FVFiiCaI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
810e891abb38903c-FRA
freecharge.php
mahacashback.com/PMR/
2 KB
1 KB
Script
General
Full URL
https://mahacashback.com/PMR/freecharge.php
Requested by
Host: mahacashback.com
URL: https://mahacashback.com/PMR/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6889fccccd7502728d40dc4635df0622653a9d49767a8c83bdf1da76ea9d3073

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mahacashback.com/PMR/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 15:42:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttY4odw5Sbk3slWy1XEjYQEDhuSn4hPCxXRPRWdw56et9iD8PZerIMcRFyyFgcjb4NbHEVAYjMAzjz3lC5d%2FWnTzkbHyuaGqRVi43KrT7a2s0yrEXwU2WW0uEN0NiQaW%2FujmP5wUHXhftMAqV7s7"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
810e891a9fd1b760-AMS
alt-svc
h3=":443"; ma=86400
version.json
sdki.truepush.com/sdk/
176 B
568 B
XHR
General
Full URL
https://sdki.truepush.com/sdk/version.json
Requested by
Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.4/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:a00:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ecf24b7db78a8e99bb3c0581cc859f5edc4ef62e682d91e963ff3e9f8763c62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mahacashback.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 21:17:15 GMT
via
1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
last-modified
Wed, 27 Jul 2022 05:36:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
2312719
etag
"327739750637fd5a1dd49dd855637862"
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=300
accept-ranges
bytes
content-length
176
x-amz-cf-id
GZiPyRHScrJ7F47Kq1RAb_NDnwqW0Lol9xA2PjCw36TiQdOiq8XB7Q==
main.js
sdki.truepush.com/sdk/v2.0.4/
80 KB
19 KB
Script
General
Full URL
https://sdki.truepush.com/sdk/v2.0.4/main.js
Requested by
Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.4/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:a00:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6dc50509c75d563ba18f32e35c8aa2ff630f46492df8dad7c66515fe6eaf34ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mahacashback.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 11:29:07 GMT
content-encoding
gzip
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
last-modified
Wed, 27 Jul 2022 04:37:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
620008
etag
"3d47f45ecfb765f8b8b58d2a4b1883fb"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
18934
x-amz-cf-id
I6eDSfZ9ZOd8ruCTTCynL3OvH5t8CZmKDPByeluASEGVNmHjLL228g==
truepushSDKPlatfromDetails
sdk.truepush.com/api/v2/ Frame
0
0
Preflight
General
Full URL
https://sdk.truepush.com/api/v2/truepushSDKPlatfromDetails
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.212.226 , India, ASN18229 (CTRLS-AS-IN CtrlS, IN),
Reverse DNS
static-103-231-212-226.ctrls.in
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mahacashback.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://mahacashback.com
Content-Length
0
Date
Wed, 04 Oct 2023 15:42:36 GMT
Vary
Origin, Access-Control-Request-Headers
X-Powered-By
Express
truepushSDKPlatfromDetails
sdk.truepush.com/api/v2/
0
0

ny32.jpg
a.jsdelivr.plus/res/17587776/img/
2 KB
3 KB
Image
General
Full URL
https://a.jsdelivr.plus/res/17587776/img/ny32.jpg?=v1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb29145136afc2ebcb31d2183fe7f58ae4df010d6de7692d6d381c0a4ac0bf99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mahacashback.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 15:42:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687048721
age
1513
x-guploader-uploadid
ADPycduUVjBTa2001ESmrEya_ILl__kD19loqzytFQfHBBuwX9CetS7a7jfFLHOg3m1tSUUwiU94YEmwFIWrFbid07hIJVLesAd-
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
2491
cf-bgj
h2pri
last-modified
Sun, 18 Jun 2023 01:00:42 GMT
server
cloudflare
etag
"5e933891d16c95756e304221cda809f0"
vary
Accept-Encoding
x-goog-generation
1687050042450008
content-language
en
content-type
image/jpeg
x-goog-hash
crc32c=L9G7pw==, md5=XpM4kdFslXVuMEIhzagJ8A==
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RbJcLQ4O1V3I4uODWtvTtESyOGLRxGJMBDfMr%2Ff58IPt7GIWXtpX0b%2FPoT%2BlQGE%2Fao0YhB3FL9%2Bd3CQ6z6TU94zEZtxwEhdOP0fGkSH2mtZitZ5d4XIPHy%2BNSW7cC2ZJHjbovNgPnCxbtPqYQUo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
2491
accept-ranges
bytes
cf-ray
810e891dcdd13d4e-BOM
expires
Wed, 04 Oct 2023 16:17:22 GMT
ny42.jpg
a.jsdelivr.plus/res/17587776/img/
3 KB
3 KB
Image
General
Full URL
https://a.jsdelivr.plus/res/17587776/img/ny42.jpg?=v1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff7559e65526fa14e873d693612cd87a2988ad9000fc0ca882f0272bcf1ff0d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mahacashback.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 15:42:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687048721
age
332
x-guploader-uploadid
ADPycds9ZNaGa5QRkJgX9gcPdZ8flsYqu-xgqWul6myqMADbRfiN5743Ud-YWc5Fb4xnORns8dQ_YZTKuWgnrdi95gR5AoqIWQoF
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
2923
cf-bgj
h2pri
last-modified
Sun, 18 Jun 2023 01:00:42 GMT
server
cloudflare
etag
"0c960b9e1b8334b02d896e00103ff0b5"
vary
Accept-Encoding
x-goog-generation
1687050042124072
content-language
en
content-type
image/jpeg
x-goog-hash
crc32c=2Qzqcg==, md5=DJYLnhuDNLAtiW4AED/wtQ==
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=daa2GeGsIDT5VCfLefRx%2F7Mo1dqWodHUDbNuZjjh5VDNImLMmIGGWakj%2FvLcLR0DR%2B5vVEAWx0SV%2BZeICMEuXP6I%2BO6iTK%2BVIGjs46ttbaqsGDn1VdkssrX1ijlL3jK0VuK%2Fc%2FG2Un8AHruvEZY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
2923
accept-ranges
bytes
cf-ray
810e891dcdd23d4e-BOM
expires
Wed, 04 Oct 2023 16:37:03 GMT
ny52.jpg
a.jsdelivr.plus/res/17587776/img/
3 KB
3 KB
Image
General
Full URL
https://a.jsdelivr.plus/res/17587776/img/ny52.jpg?=v1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76282fbde24bf13dee6c204e58700e2008547d9ac4a7d8cf6cf5ac5478bb53fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mahacashback.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 15:42:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687048721
age
332
x-guploader-uploadid
ADPycdsmjWQQYdrK0roKTZuTEKIbVIq9h8lpV2-vr8902XGvyRb19uPBisC9qdR-YCsrq5RmrOhsqphYpGozp8Sz1vSwHFZd10p3
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3079
cf-bgj
h2pri
last-modified
Sun, 18 Jun 2023 01:00:42 GMT
server
cloudflare
etag
"7520b7144d54aee5717f15ac6cd0211a"
vary
Accept-Encoding
x-goog-generation
1687050042935392
content-language
en
content-type
image/jpeg
x-goog-hash
crc32c=8rKKUg==, md5=dSC3FE1UruVxfxWsbNAhGg==
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lf4E47Z632zOITboAz4fPP3g%2FaUU5S6qx%2BTYp6uh7GFKkdKiuirdVyBT%2FAMZufih27zOQt694%2Fj3nA06EvodBkvlo1uSryMoYr2101mq%2F8nK1c7CznYjnb8qux03osh%2FU%2FQI5XsNXcjNu7ieujs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3079
accept-ranges
bytes
cf-ray
810e891dcdd33d4e-BOM
expires
Wed, 04 Oct 2023 15:49:01 GMT
js
www.googletagmanager.com/gtag/
272 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XMJX5Z6M5P
Requested by
Host: mahacashback.com
URL: https://mahacashback.com/PMR/freecharge.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f316e1d312a52cd8f449c7d1f2a62cc7f3b10f72e76695c6d6d338d87a0c06ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mahacashback.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 15:42:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92860
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 04 Oct 2023 15:42:35 GMT
404.html
mahacashback.com/res/ Frame D70B
Redirect Chain
  • https://mahacashback.com/res/pu.html?seed=6765077532288966&pid=aa.co&c=freecharge&f=wa
  • https://mahacashback.com/res/404.html
  • https://mahacashback.com/res/404.html
  • https://mahacashback.com/res/404.html
  • https://mahacashback.com/res/404.html
  • https://mahacashback.com/res/404.html
  • https://mahacashback.com/res/404.html
0
0

collect
region1.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XMJX5Z6M5P&gtm=45je3a20&_p=1556869150&cid=1173687560.1696434156&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696434155&sct=1&seg=0&dl=https%3A%2F%2Fmahacashback.com%2FPMR%2F&dt=Muft%20Recharge&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XMJX5Z6M5P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mahacashback.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 15:42:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mahacashback.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ny12.jpg
a.jsdelivr.plus/res/17587776/img/
4 KB
5 KB
Image
General
Full URL
https://a.jsdelivr.plus/res/17587776/img/ny12.jpg?=v1.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464a75fe6515d4caf2821dfdf4c52acf84bacd3bbf8d35568e7413642c3642d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mahacashback.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 15:42:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687048721
age
644
x-guploader-uploadid
ADPycdvMtgQq0FQIhQD9vAyNsKnaT3a-MrS7Cw7rZT43EiJEYVviCcFxe-XZhz-d8gpXe95meYwJE0Q_5PkTN2fAxI9tVKNjRD9P
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3813
last-modified
Sun, 18 Jun 2023 01:00:42 GMT
server
cloudflare
etag
"7c9be3bfa8beda6aa644e254ca8f0e68"
vary
Accept-Encoding
x-goog-generation
1687050042049442
content-type
image/jpeg
content-language
en
x-goog-hash
crc32c=rVNlFQ==, md5=fJvjv6i+2mqmROJUyo8OaA==
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEtYt9KIrhLLd4GowYPKxIhfmFKfBN11JJgP6g3t%2FEx79rJFYS4CcysMfsJtSGER3prcDZKb8Fe0n7zMRX%2FRWond%2FMzmsLHw%2Fs4nJTJVQLDugbAkcrHOLWoKV4kZ9G%2B3MFidXc1KgpXnpxRssTY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3813
accept-ranges
bytes
cf-ray
810e8923b86591f3-FRA
expires
Wed, 04 Oct 2023 15:59:56 GMT
ind62.jpg
a.jsdelivr.plus/res/17587776/img/
3 KB
4 KB
Image
General
Full URL
https://a.jsdelivr.plus/res/17587776/img/ind62.jpg?=v1.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d600ae7344a78be7b930054e33a9d52f8e4d82f17029790db14c1aef4b72260

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mahacashback.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 15:42:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687048721
age
1223
x-guploader-uploadid
ADPycdvodFfSPZZ7XrQAX7_VQjd7sEW83MEMrGpkgpVB2B2maTzBk_WCZ30koeRktr2FDZK1fW0EguNTRYvOc0uuscHZ2cbyXJ-Z
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
2985
last-modified
Sun, 18 Jun 2023 01:00:41 GMT
server
cloudflare
etag
"df6f0e8593ea6953d689710e4f32207b"
vary
Accept-Encoding
x-goog-generation
1687050041846628
content-type
image/jpeg
content-language
en
x-goog-hash
crc32c=1DW03A==, md5=328OhZPqaVPWiXEOTzIgew==
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcpopn5lrcVJPatBT4WOTPStXQrSWHL9uoGMpe322%2BwsDhzcUb%2B4Ffa1Q4MHOtFyClqzN9UXny%2BJ0CSE4yz6Y6OTwMZHpQTHVtPppLqvzofKIVsgSNrSATZdkrFe7UX%2F7vc3SOTzbNk9sHs6KOk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
2985
accept-ranges
bytes
cf-ray
810e8930280a91f3-FRA
expires
Wed, 04 Oct 2023 16:13:25 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sdk.truepush.com
URL
https://sdk.truepush.com/api/v2/truepushSDKPlatfromDetails
Domain
mahacashback.com
URL
https://mahacashback.com/res/404.html

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| set_Cookie function| get_Cookie object| truepushVersionInfo string| r object| HTTP undefined| key undefined| browserData undefined| subscription undefined| permissionAllowed undefined| iFrameReference undefined| skipSubscriberReport undefined| subscriberIdCallback boolean| isSubscribed string| optinStatus string| host string| cdnUrl string| imgUrl string| subDomainsHost boolean| fromSubDomain string| EnableHTTPLocalTest string| version string| defaultKey boolean| fromIframe boolean| fromWordpress boolean| fromshopifyDomain boolean| forShopifyCall object| xhttp object| desktopAllowedVersions object| mobileAllowedVersions function| isNotifAllowed function| CheckBrowserCampatability function| isPrivateMode function| truepushSDK function| loadAppJs object| truepush function| $ function| jQuery function| lazyload function| LazyLoad string| toPlatform string| cad string| bad string| ead string| tb string| tbu string| lo number| sInt function| hh object| DOMString object| objServer function| deadline function| enviar function| tip_text function| messageToSend number| counter number| counter2 number| seconds object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

4 Cookies

Domain/Path Name / Value
t.ly/ Name: XSRF-TOKEN
Value: eyJpdiI6IkZ2ZHJibmNjamh1bGZGcDU1cklXM3c9PSIsInZhbHVlIjoiV2JVeDhrUjJrK3J1clRuVlYzQjlMT3FyVFFLWExhc1JtYWFjemkwblEra2FFNy9idnVhVlpDMjUrWXRLTzRIQ0cvUWpWTWdCVmhOWmFxVFE0Q0dFTktpaDA1V09BRTUvUXB2dXNpeTVTMXNNZjZzaENlaGtnOGQwaThDUHdSLzciLCJtYWMiOiJlYTdkYzRmYjEyZmZkZDlhMTI3YTliODdjOGNjYTBhMjIzMTc1MzgwZWQ3Yjk4M2JlMDNkNmJjZWVkZGJhMjg3IiwidGFnIjoiIn0%3D
t.ly/ Name: tly_session
Value: eyJpdiI6IitVMXBzSFJMUGxpUjV1a21RYlBCRUE9PSIsInZhbHVlIjoiUEVtcy8zUWRXN2NlMzd4c2dUTDErc2FocThHM21CNFFlK01lSS9sNGsxcmw3RUI3RDR2MFdCenNKam80SURybDNRbThzZHRKei9ycDBYelphYktZcEFFb05qR2FBR0tNcGIyNXNHUmYvblV1MDlDYmtmOGJ3ZnJ4a0hraW9rdTIiLCJtYWMiOiJjZTQ1ZDI5NGFmZGQ1OTg5ZWM4ODI4MzdhNWM0ZmI3NTJmZTM1NTQ2YWYyMjIxOGE4NWI5ZTMzOGVhM2M1ZjZmIiwidGFnIjoiIn0%3D
.mahacashback.com/ Name: _ga
Value: GA1.1.1173687560.1696434156
.mahacashback.com/ Name: _ga_XMJX5Z6M5P
Value: GS1.1.1696434155.1.0.1696434155.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
