3y1b5e2cgc.countrine.sbs Open in urlscan Pro
162.0.219.35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/
Effective URL:
https://3y1b5e2cgc.countrine.sbs/
Submission: On September 13 via manual (September 13th 2023, 12:07:41 pm UTC) from GB — Scanned from GB

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 16 HTTP transactions. The main IP is 162.0.219.35, located in and belongs to . The main domain is 3y1b5e2cgc.countrine.sbs.
TLS certificate: Issued by R3 on September 13th 2023. Valid for: 3 months.

This is the only time 3y1b5e2cgc.countrine.sbs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2606:4700:310... 2606:4700:3108::ac42:28e3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	2606:4700:310... 2606:4700:3108::ac42:2b1d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1	162.0.219.35 162.0.219.35	() ()
16	9

3 2606:4700:3108::ac42:28e3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

findamasters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.findamasters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2b1d (United States)

ASN13335 (CLOUDFLARENET, US)

www.findamasters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.0.219.35 (None, )

ASN- ()

3y1b5e2cgc.countrine.sbs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	findamasters.com 1 redirects findamasters.com — Cisco Umbrella Rank: 505848 www.findamasters.com — Cisco Umbrella Rank: 785902	17 KB
3	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 245	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 44 ssl.google-analytics.com — Cisco Umbrella Rank: 506	17 KB
1	countrine.sbs 3y1b5e2cgc.countrine.sbs
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 454	19 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1118	7 KB
16	6

	Domain	Requested by
3	bam.nr-data.net	www.findamasters.com js-agent.newrelic.com
3	www.findamasters.com	www.findamasters.com static.cloudflareinsights.com
2	ssl.google-analytics.com	www.findamasters.com
1	3y1b5e2cgc.countrine.sbs	www.findamasters.com
1	js-agent.newrelic.com	www.findamasters.com
1	www.google-analytics.com	www.findamasters.com
1	static.cloudflareinsights.com	www.findamasters.com
1	findamasters.com	1 redirects
16	8

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-16` - `2024-04-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
www.3y1b5e2cgc.countrine.sbs R3	`2023-09-13` - `2023-12-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://3y1b5e2cgc.countrine.sbs/
Frame ID: B2667194ACE9C76B19F94A5C146FA684
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/ HTTP 301
https://www.findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/ Page URL
https://3y1b5e2cgc.countrine.sbs/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

16
Requests

75 %
HTTPS

63 %
IPv6

6
Domains

8
Subdomains

9
IPs

2
Countries

61 kB
Transfer

162 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/ HTTP 301
https://www.findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/ Page URL
https://3y1b5e2cgc.countrine.sbs/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/ HTTP 301
https://www.findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

ect.aspx Show response
www.findamasters.com/common/
Redirect Chain

https://findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/
https://www.findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/

35 KB
13 KB

115ms
105ms

Document
text/html

2606:4700:3108::ac42:28e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

35f3e612a288e2b8d8dbbb9b62ef6394453b42b829f113d1da17f1302e8f5c45

Security Headers

Name	Value
Content-Security-Policy	default-src https:; script-src 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: data: blob:; object-src 'none'; child-src https: blob:; frame-src https: data:
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 806045574d1d71aa-LHR
content-encoding: br
content-security-policy: default-src https:; script-src 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: data: blob:; object-src 'none'; child-src https: blob:; frame-src https: data:
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 12:07:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7Na9WlBT%2BU6u%2BmyOhMhWZBW%2F%2BfmnIOsrzhCiyaWkt1i7xpjYKJiBlt3GTgk9jAU%2BvbVe1m7G4ZMZjCUUJpeVNpb21ApdsgFZNms5qzxTWZCtlzcL6cnl%2BMWStFwJvDO0NTDxYHIKh%2B4KMbpfZrBJcpL"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-content-type-options: nosniff
x-powered-by: ASP.NET

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 806045569b6d71aa-LHR
content-security-policy: default-src https:; script-src 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: data: blob:; object-src 'none'; child-src https: blob:; frame-src https: data:
content-type: text/html; charset=UTF-8
date: Wed, 13 Sep 2023 12:07:36 GMT
location: https://www.findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsvUPqahxEAbv1dCbGGRGEoSPBEB5raMdNCSUU0LmjLnhahVSbCrW8VopI7obcfgqODz5HdU834%2BXB4pUtOzw7vwyTEEj805ojTeqOTPIi8wMSJB9khwoktIAsrZHSWekLbYrUD3ZF41%2FdDUJHg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
x-powered-by: ASP.NET

GET
H2 200 loading3.gif
www.findamasters.com/common/images/generic/ 3 KB
3 KB 99ms
98ms Image
image/gif 2606:4700:3108::ac42:28e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.findamasters.com/common/images/generic/loading3.gif

Requested by

Host: www.findamasters.com
URL: https://www.findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

81ea81be1d862d36c34b6dc4f12aefb87b656e319003263d8274974b48ccf869

Security Headers

Name	Value
Content-Security-Policy	default-src https:; script-src 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: data: blob:; object-src 'none'; child-src https: blob:; frame-src https: data:
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 12:07:37 GMT
content-security-policy: default-src https:; script-src 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: data: blob:; object-src 'none'; child-src https: blob:; frame-src https: data:
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 2767
last-modified: Fri, 11 Aug 2023 11:30:40 GMT
server: cloudflare
etag: "83d9ad4147ccd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xtpl6y9o7EcGTcU5t19ErtF4BGismZ%2BXLFTo4DOud76ZlD6cWbwxHdXyXFl2ZX5H274aVwmLow7jFxHmezWVjKkQ%2BTN2emPeLe2owJXAtJWRTHLE7Uuw4C1PQB32YzAHgY53oNYP7x3Hh9rhj1p6Wh6d"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 80604557fe5271aa-LHR

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 198ms
107ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: www.findamasters.com
URL: https://www.findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://www.findamasters.com/
Origin: https://www.findamasters.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 12:07:37 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 806045588ac724f0-LHR

GET
H2 200 ga.js Show response
www.google-analytics.com/ 45 KB
17 KB 167ms
53ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.findamasters.com
URL: https://www.findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.findamasters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 11:45:02 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1355
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Wed, 13 Sep 2023 13:45:02 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
303 B 174ms
61ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=183458003&utmhn=www.findamasters.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=1786350159&utmr=-&utmp=%2Fcommon%2Fect.aspx%3FtrackId%3D8%26t%3D5%26f%3D2%26mid%3D2045%26url%3D%2F%2F3y1b5e2cgc.countrine.sbs%2F&utmht=1694606857146&utmac=UA-2428558-16&utmcc=__utma%3D248066064.1800828804.1694606857.1694606857.1694606857.1%3B%2B__utmz%3D248066064.1694606857.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=152983317&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.findamasters.com
URL: https://www.findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.findamasters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 12:07:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ 49 KB
19 KB 175ms
55ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1216.min.js

Requested by

Host: www.findamasters.com
URL: https://www.findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.findamasters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding: br
via: 1.1 varnish
date: Wed, 13 Sep 2023 12:07:37 GMT
strict-transport-security: max-age=300
x-amz-request-id: VMEBCPA2SR478B8N
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 19141
x-amz-id-2: 66OVWE3upJU8rYVQ76vOSdZzE88ClDrkYzpkmZWzZN/Oyweji6yvpq6/AM/+vF6uW1ysEKjELnk=
x-served-by: cache-fra-eddf8230049-FRA
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1694606857.470442,VS0,VE0
etag: "63e2df852d15ab21d7ff8fc4363222e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 386

GET
H2 200 __utm.gif
ssl.google-analytics.com/ 35 B
119 B 52ms
52ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=51728130&utmhn=www.findamasters.com&utmt=event&utme=5(Spotlight%3A%20FindAMasters*MID%3D2045%23*%2F%2F3y1b5e2cgc.countrine.sbs%2F%23)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=1786350159&utmr=-&utmp=%2Fcommon%2Fect.aspx%3FtrackId%3D8%26t%3D5%26f%3D2%26mid%3D2045%26url%3D%2F%2F3y1b5e2cgc.countrine.sbs%2F&utmht=1694606857325&utmac=UA-2428558-16&utmcc=__utma%3D248066064.1800828804.1694606857.1694606857.1694606857.1%3B%2B__utmz%3D248066064.1694606857.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=7AAAAAAAAAAAAAAAAAAAAAAE~

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.findamasters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 15:41:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73548
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 rum Show response
www.findamasters.com/cdn-cgi/ 0
180 B 58ms
57ms XHR
text/plain 2606:4700:3108::ac42:2b1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.findamasters.com/cdn-cgi/rum?

Requested by

Host: www.findamasters.com
URL: https://www.findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b1d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: VQQBUl5UDRABV1ZWBwcGUVcF
tracestate: 1263875@nr=0-1-1263875-1385900299-76641c81c211d952----1694606857328
traceparent: 00-d30ec65d5a549e70e930ffe297aafe86-76641c81c211d952-01
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjEyNjM4NzUiLCJhcCI6IjEzODU5MDAyOTkiLCJpZCI6Ijc2NjQxYzgxYzIxMWQ5NTIiLCJ0ciI6ImQzMGVjNjVkNWE1NDllNzBlOTMwZmZlMjk3YWFmZTg2IiwidGkiOjE2OTQ2MDY4NTczMjh9fQ==
content-type: application/json
Referer: https://www.findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/

Response headers

date: Wed, 13 Sep 2023 12:07:37 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.findamasters.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8060455a7a0e0726-LHR

GET
H/1.1 200
OK 2fc406b673 Show response
bam.nr-data.net/1/ 56 B
497 B 715ms
587ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/2fc406b673?a=1374061734&v=1216.487a282&to=YANRYREFWkdYUhYIX1lJcmYzS1dbVFwNDx9SBUcbAhdETA%3D%3D&rst=903&ck=1&ref=https://www.findamasters.com/common/ect.aspx&ap=20&be=341&fe=713&dc=528&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1694606856610,%22n%22:0,%22f%22:204,%22dn%22:204,%22dne%22:204,%22c%22:204,%22ce%22:204,%22rq%22:214,%22rp%22:319,%22rpe%22:323,%22dl%22:323,%22di%22:346,%22ds%22:528,%22de%22:528,%22dc%22:713,%22l%22:713,%22le%22:716%7D,%22navigation%22:%7B%7D%7D&fp=346&fcp=369&jsonp=NREUM.setToken
Requested by: Host: www.findamasters.com
URL: https://www.findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1b1e54380b8b8e45010115f3d0f7caad60ca0f34be8bee3e11e11727cc64d49f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.findamasters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 12:07:38 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 56
x-served-by: cache-fra-eddf8230052-FRA

POST
H/1.1 200
OK 2fc406b673 Show response
bam.nr-data.net/resources/1/ 36 B
357 B 311ms
311ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/2fc406b673?a=1374061734&v=1216.487a282&to=YANRYREFWkdYUhYIX1lJcmYzS1dbVFwNDx9SBUcbAhdETA%3D%3D&rst=1621&ck=1&ref=https://www.findamasters.com/common/ect.aspx&st=1694606856610
Requested by: Host: www.findamasters.com
URL: https://www.findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 612f352c4c65d8086d19aa84f3847dd08a8b381e6f155c9965dcea392c8ba097

Request headers

Referer: https://www.findamasters.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 13 Sep 2023 12:07:38 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.findamasters.com
access-control-allow-credentials: true
Connection: close
Content-Length: 36
x-served-by: cache-fra-eddf8230052-FRA

POST
H/1.1 200
OK 2fc406b673 Show response
bam.nr-data.net/events/1/ 24 B
349 B 299ms
187ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/2fc406b673?a=1374061734&v=1216.487a282&to=YANRYREFWkdYUhYIX1lJcmYzS1dbVFwNDx9SBUcbAhdETA%3D%3D&rst=1627&ck=1&ref=https://www.findamasters.com/common/ect.aspx
Requested by: Host: www.findamasters.com
URL: https://www.findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.findamasters.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 13 Sep 2023 12:07:38 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.findamasters.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230035-FRA

GET
H/1.1 200
OK Primary Request /
3y1b5e2cgc.countrine.sbs/ 11 KB
0 1989ms
691ms Document
text/html 162.0.219.35

General

Check archive.org

Show headers Download Go to

Full URL: https://3y1b5e2cgc.countrine.sbs/
Requested by: Host: www.findamasters.com
URL: https://www.findamasters.com/common/ect.aspx?trackId=8&t=5&f=2&mid=2045&url=//3y1b5e2cgc.countrine.sbs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 162.0.219.35 -, , ASN (),
Reverse DNS
Software: Apache/2.4.56 (Unix) OpenSSL/1.0.2k-fips / PHP/7.4.1
Resource Hash

Request headers

Referer: https://www.findamasters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 3978
Content-Type: text/html; charset=UTF-8
Date: Wed, 13 Sep 2023 12:07:40 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.56 (Unix) OpenSSL/1.0.2k-fips
Vary: Accept-Encoding,User-Agent
X-Powered-By: PHP/7.4.1

POST 2fc406b673
bam.nr-data.net/events/1/ 0
0

POST 2fc406b673
bam.nr-data.net/jserrors/1/ 0
0

POST 2fc406b673
bam.nr-data.net/resources/1/ 0
0

POST rum
www.findamasters.com/cdn-cgi/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/events/1/2fc406b673?a=1374061734&v=1216.487a282&to=YANRYREFWkdYUhYIX1lJcmYzS1dbVFwNDx9SBUcbAhdETA%3D%3D&rst=4709&ck=1&ref=https://www.findamasters.com/common/ect.aspx&ptid=91cfd336-0001-b33a-c785-018a8e7098d8

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/jserrors/1/2fc406b673?a=1374061734&v=1216.487a282&to=YANRYREFWkdYUhYIX1lJcmYzS1dbVFwNDx9SBUcbAhdETA%3D%3D&rst=4709&ck=1&ref=https://www.findamasters.com/common/ect.aspx&ptid=91cfd336-0001-b33a-c785-018a8e7098d8

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/resources/1/2fc406b673?a=1374061734&v=1216.487a282&to=YANRYREFWkdYUhYIX1lJcmYzS1dbVFwNDx9SBUcbAhdETA%3D%3D&rst=4709&ck=1&ref=https://www.findamasters.com/common/ect.aspx&ptid=91cfd336-0001-b33a-c785-018a8e7098d8&st=1694606856610

Domain: www.findamasters.com
URL: https://www.findamasters.com/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
findamasters.com/	1970-01-20 14:44:53	Name: NSC_MC_134.213.185.99_80 Value: 4bb3a3d87e200902671802d5368eb24e31ced837548d9f8203f5f475d11a087d821fe8ea
www.findamasters.com/	1969-12-31 23:59:59	Name: FauVisitorId Value: 5cqezeo5acojivr5zlav0zgb
www.findamasters.com/	1970-01-20 14:53:31	Name: FauUserInfo Value: ctry=DE&cont=Europe
www.findamasters.com/	1970-01-20 14:44:53	Name: NSC_MC_134.213.185.99_80 Value: 7ce2a3d9885657e538e33790bc865cdbffe6a9fb6f6e0f698be27236fc69eadbec8114e4
.findamasters.com/	1970-01-21 00:19:26	Name: __utma Value: 248066064.1800828804.1694606857.1694606857.1694606857.1
.findamasters.com/	1969-12-31 23:59:59	Name: __utmc Value: 248066064
.findamasters.com/	1970-01-20 19:06:14	Name: __utmz Value: 248066064.1694606857.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.findamasters.com/	1970-01-20 14:43:27	Name: __utmt Value: 1
.findamasters.com/	1970-01-20 14:43:28	Name: __utmb Value: 248066064.2.9.1694606857
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 8fbb07ca851e5ddb

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https:; script-src 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: data: blob:; object-src 'none'; child-src https: blob:; frame-src https: data:
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3y1b5e2cgc.countrine.sbs
bam.nr-data.net
findamasters.com
js-agent.newrelic.com
ssl.google-analytics.com
static.cloudflareinsights.com
www.findamasters.com
www.google-analytics.com
bam.nr-data.net
www.findamasters.com
151.101.194.137
162.0.219.35
162.247.243.29
2606:4700:3108::ac42:28e3
2606:4700:3108::ac42:2b1d
2606:4700::6810:3965
2a00:1450:4001:812::2008
2a00:1450:4001:82f::200e
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1b1e54380b8b8e45010115f3d0f7caad60ca0f34be8bee3e11e11727cc64d49f
35f3e612a288e2b8d8dbbb9b62ef6394453b42b829f113d1da17f1302e8f5c45
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
612f352c4c65d8086d19aa84f3847dd08a8b381e6f155c9965dcea392c8ba097
81ea81be1d862d36c34b6dc4f12aefb87b656e319003263d8274974b48ccf869
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

3y1b5e2cgc.countrine.sbs Open in urlscan Pro 162.0.219.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

75 %HTTPS

63 %IPv6

6 Domains

8 Subdomains

9 IPs

2 Countries

61 kBTransfer

162 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

10 Cookies

Security Headers

Indicators

3y1b5e2cgc.countrine.sbs Open in urlscan Pro
162.0.219.35 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

75 %
HTTPS

63 %
IPv6

6
Domains

8
Subdomains

9
IPs

2
Countries

61 kB
Transfer

162 kB
Size

10
Cookies

16 HTTP transactions
0 data transactions