Submitted URL: https://masa.davincij15.com/
Effective URL: https://referrals.masa.finance/KzrDWf
Submission: On April 14 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 17 HTTP transactions. The main IP is 5.9.118.112, located in Giessen, Germany and belongs to HETZNER-AS, DE. The main domain is referrals.masa.finance.
TLS certificate: Issued by R3 on March 31st 2024. Valid for: 3 months.
This is the only time referrals.masa.finance was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 23.227.150.230 55081 (24SHELLS)
8 5.9.118.112 24940 (HETZNER-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.17.25.14 13335 (CLOUDFLAR...)
2 104.16.86.20 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
17 5
Apex Domain
Subdomains
Transfer
8 masa.finance
referrals.masa.finance
99 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
5 KB
2 gstatic.com
fonts.gstatic.com
24 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 315
23 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 239
19 KB
1 davincij15.com
masa.davincij15.com
182 B
17 6
Domain Requested by
8 referrals.masa.finance referrals.masa.finance
4 fonts.googleapis.com referrals.masa.finance
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.jsdelivr.net referrals.masa.finance
1 cdnjs.cloudflare.com referrals.masa.finance
1 masa.davincij15.com 1 redirects
17 6

This site contains no links.

Subject Issuer Validity Valid
referrals.masa.finance
R3
2024-03-31 -
2024-06-29
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
*.gstatic.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh

This page contains 1 frames:

Primary Page: https://referrals.masa.finance/KzrDWf
Frame ID: 67B354FB6804CC77F831EC2EF4DE8BE3
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

Airdrop Campaign

Page URL History Show full URLs

  1. https://masa.davincij15.com/ HTTP 302
    https://referrals.masa.finance/KzrDWf Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]+?href="[^"]+sweetalert2(?:\.min)?\.css
  • sweetalert2(?:\.all)?(?:\.min)?\.js
  • /npm/sweetalert2@([\d.]+)
  • sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

17
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

170 kB
Transfer

699 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://masa.davincij15.com/ HTTP 302
    https://referrals.masa.finance/KzrDWf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request KzrDWf
referrals.masa.finance/
Redirect Chain
  • https://masa.davincij15.com/
  • https://referrals.masa.finance/KzrDWf
6 KB
3 KB
Document
General
Full URL
https://referrals.masa.finance/KzrDWf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.9.118.112 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
referral-factory.com
Software
nginx /
Resource Hash
af745d8b48fd7bc1a615fa37450f4dc1fea34d200c14cff47119932c76c42b4e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 14 Apr 2024 10:06:25 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 14 Apr 2024 10:06:25 GMT
Location
https://referrals.masa.finance/KzrDWf
Server
nginx/1.18.0 (Ubuntu)
css
fonts.googleapis.com/
57 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
Requested by
Host: referrals.masa.finance
URL: https://referrals.masa.finance/KzrDWf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f322afdaf7184e4ddd7fca589f89cdd7e2e2721dffbf8abed7cb1eca88b0915f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referrals.masa.finance/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Apr 2024 10:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 09:26:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Apr 2024 10:06:25 GMT
css2
fonts.googleapis.com/
18 KB
920 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap
Requested by
Host: referrals.masa.finance
URL: https://referrals.masa.finance/KzrDWf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c503e30d6b6ad4530b5962b7098b4fa82c5a4f65809f85c19a375b8bff1f6145
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referrals.masa.finance/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Apr 2024 10:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 10:06:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Apr 2024 10:06:25 GMT
css2
fonts.googleapis.com/
8 KB
1005 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap
Requested by
Host: referrals.masa.finance
URL: https://referrals.masa.finance/KzrDWf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f55844e7af55df44a079478ef08327d622cdd33932b88a15eecd5b3289308801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referrals.masa.finance/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Apr 2024 10:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 09:23:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Apr 2024 10:06:25 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/
100 KB
19 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Requested by
Host: referrals.masa.finance
URL: https://referrals.masa.finance/KzrDWf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referrals.masa.finance/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 10:06:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
224458
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18861
last-modified
Fri, 01 Dec 2023 00:32:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65692999-49ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aKuDvh1CXTu9Q9jIIIaovxa908hG8W9pLT%2Ff%2Fqr8bH31XiwFne%2Bas8v9wHBZkdWdRISrJFEItOlkULCRuov6qGRHrojQ%2FoKEWptheah4hmKQlv8OJmYYlwId%2BlgL1O8mp7T%2Fg8Wt"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8742e212a96dbb7f-FRA
expires
Fri, 04 Apr 2025 10:06:25 GMT
sweetalert2.min.css
cdn.jsdelivr.net/npm/sweetalert2@10.0.2/dist/
24 KB
5 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@10.0.2/dist/sweetalert2.min.css
Requested by
Host: referrals.masa.finance
URL: https://referrals.masa.finance/KzrDWf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ebd4dbb08c8772238698cc68724fab2e7e9591eeaac6777eaa58cdfb473b2b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referrals.masa.finance/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 10:06:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2735513
x-jsd-version
10.0.2
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230050-FRA, cache-lga21973-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"5f70-g4xi1yOHeCNTAMOrcje0mC5yWwc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lkCNWzuzMLirKtj%2FbeLR8T4%2FmsVI2JWFXyA3ohDVr0Kh2a0o3O%2BrP79NYSGzvaOy5MVnvBTSMc7tI6Kq9C05jTX5cliJ9vIG2cWXVBFJaHVZPbgDhvJubJgOi%2BsOXJTZJ9E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8742e212bb1e9072-FRA
magnific-popup.css
referrals.masa.finance/assets/web/dependencies/magnific-popup/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://referrals.masa.finance/assets/web/dependencies/magnific-popup/css/magnific-popup.css
Requested by
Host: referrals.masa.finance
URL: https://referrals.masa.finance/KzrDWf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.9.118.112 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
referral-factory.com
Software
nginx /
Resource Hash
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referrals.masa.finance/KzrDWf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 10:06:25 GMT
content-encoding
gzip
last-modified
Thu, 04 Apr 2024 15:46:06 GMT
server
nginx
etag
W/"660ecb3e-1b27"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
expires
Sun, 21 Apr 2024 10:06:25 GMT
css
fonts.googleapis.com/
3 KB
703 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto|Roboto|Poppins|Roboto|Roboto
Requested by
Host: referrals.masa.finance
URL: https://referrals.masa.finance/KzrDWf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d20bc2fce629c7f6a14cf2f509041382202969c4f9b7533bdf4c4253617216ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referrals.masa.finance/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Apr 2024 10:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 10:06:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Apr 2024 10:06:25 GMT
bootstrap.min.css
referrals.masa.finance/assets/web/dependencies/bootstrap/css/
157 KB
24 KB
Stylesheet
General
Full URL
https://referrals.masa.finance/assets/web/dependencies/bootstrap/css/bootstrap.min.css
Requested by
Host: referrals.masa.finance
URL: https://referrals.masa.finance/KzrDWf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.9.118.112 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
referral-factory.com
Software
nginx /
Resource Hash
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referrals.masa.finance/KzrDWf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 10:06:25 GMT
content-encoding
gzip
last-modified
Thu, 04 Apr 2024 15:46:06 GMT
server
nginx
etag
W/"660ecb3e-2722e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
expires
Sun, 21 Apr 2024 10:06:25 GMT
campaignApplication.css
referrals.masa.finance/assets/web/css/campaigns/
51 KB
11 KB
Stylesheet
General
Full URL
https://referrals.masa.finance/assets/web/css/campaigns/campaignApplication.css?id=cdc23053b005ef4a49c3
Requested by
Host: referrals.masa.finance
URL: https://referrals.masa.finance/KzrDWf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.9.118.112 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
referral-factory.com
Software
nginx /
Resource Hash
3ffade4b5b43554532cfbbe51509d5026d423d249106127d1555da6af63dc24e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referrals.masa.finance/KzrDWf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 10:06:25 GMT
content-encoding
gzip
last-modified
Thu, 04 Apr 2024 15:46:06 GMT
server
nginx
etag
W/"660ecb3e-cc78"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
expires
Sun, 21 Apr 2024 10:06:25 GMT
OPbux0vbI60hqR1O.png
referrals.masa.finance/storage/logo/
9 KB
9 KB
Image
General
Full URL
https://referrals.masa.finance/storage/logo/OPbux0vbI60hqR1O.png
Requested by
Host: referrals.masa.finance
URL: https://referrals.masa.finance/KzrDWf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.9.118.112 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
referral-factory.com
Software
nginx /
Resource Hash
b90ce2b612af18b235a87acc00a912394d5f1baa6dfcce97a43502599b37c719

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referrals.masa.finance/KzrDWf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 10:06:25 GMT
last-modified
Tue, 09 Jan 2024 13:38:07 GMT
server
nginx
etag
"659d4c3f-2210"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
8720
expires
Sun, 21 Apr 2024 10:06:25 GMT
jquery.min.js
referrals.masa.finance/assets/web/dependencies/jquery/
85 KB
30 KB
Script
General
Full URL
https://referrals.masa.finance/assets/web/dependencies/jquery/jquery.min.js
Requested by
Host: referrals.masa.finance
URL: https://referrals.masa.finance/KzrDWf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.9.118.112 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
referral-factory.com
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referrals.masa.finance/KzrDWf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 10:06:25 GMT
content-encoding
gzip
last-modified
Thu, 04 Apr 2024 15:46:06 GMT
server
nginx
etag
W/"660ecb3e-15283"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
expires
Sun, 21 Apr 2024 10:06:25 GMT
bootstrap.bundle.min.js
referrals.masa.finance/assets/web/dependencies/bootstrap/js/
79 KB
21 KB
Script
General
Full URL
https://referrals.masa.finance/assets/web/dependencies/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: referrals.masa.finance
URL: https://referrals.masa.finance/KzrDWf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.9.118.112 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
referral-factory.com
Software
nginx /
Resource Hash
f67b782ec5a62c8fcedb89535bcf48cc02ae06a119e3b97fe2b875fad1ff358f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referrals.masa.finance/KzrDWf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 10:06:25 GMT
content-encoding
gzip
last-modified
Thu, 04 Apr 2024 15:46:06 GMT
server
nginx
etag
W/"660ecb3e-13c1f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
expires
Sun, 21 Apr 2024 10:06:25 GMT
sweetalert2.all.min.js
cdn.jsdelivr.net/npm/sweetalert2@10.0.2/dist/
66 KB
19 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@10.0.2/dist/sweetalert2.all.min.js
Requested by
Host: referrals.masa.finance
URL: https://referrals.masa.finance/KzrDWf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28cbc62defd6b0e423b7cb16098a18861300be5117f487445671c70f7f1d81b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referrals.masa.finance/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 10:06:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2740934
x-jsd-version
10.0.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220130-FRA, cache-lga21971-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"1082d-6F9SFnLnoodi62kt2SBwb5LFivM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2tQKT%2FSdJCCT3JLWmsUEhrh0q9vxT8fWToCMCKk72oVv6RyUUNkAJsuKWI6nUNgYO%2BMZbvgmxcghCxqcyBAGObWNrE2YqIN%2FGM5ZYV8J1XBLkmIDZup%2Bc90YdyAi%2FitVnNw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8742e212bb1f9072-FRA
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto|Poppins|Roboto|Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://referrals.masa.finance
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 03:50:46 GMT
x-content-type-options
nosniff
age
108939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 03:50:46 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://referrals.masa.finance
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 13:26:32 GMT
x-content-type-options
nosniff
age
74393
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 13:26:32 GMT
OPbux0vbI60hqR1O.png
referrals.masa.finance/storage/logo/
9 KB
0
Other
General
Full URL
https://referrals.masa.finance/storage/logo/OPbux0vbI60hqR1O.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.9.118.112 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
referral-factory.com
Software
nginx /
Resource Hash
b90ce2b612af18b235a87acc00a912394d5f1baa6dfcce97a43502599b37c719

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://referrals.masa.finance/KzrDWf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 10:06:25 GMT
last-modified
Tue, 09 Jan 2024 13:38:07 GMT
server
nginx
etag
"659d4c3f-2210"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
8720
expires
Sun, 21 Apr 2024 10:06:25 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| bootstrap function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal

4 Cookies

Domain/Path Name / Value
referrals.masa.finance/ Name: visited_KzrDWf
Value: eyJpdiI6ImpldXhlUUdLcDE3Vm1KMWhVT0F2Umc9PSIsInZhbHVlIjoiTEFJYytBWkFSWFdQWnlkdjl4bS9SVlFzT0ZyK2RyVkdrS2lUbmFVOE91VHBmRTRDRjBOazh2bzFRclM2RFMxUSIsIm1hYyI6IjQwMmE3ZGM2ZWIyN2Y0ZjU3YmVlNDAxYWFkZTI5MWRhODEyOGIyNjljNTdkYjAwODkyZjQ5NTE3ZGZiYjZlZjYifQ%3D%3D
referrals.masa.finance/ Name: visited_time_KzrDWf
Value: eyJpdiI6IkFuMzFiY2tWSXV4WmcyaUdTWUN5Zmc9PSIsInZhbHVlIjoiSjJzOTVMLytLcUZqUTc2S1JRQzFXUTVrejJmRmVhMHlPR0sweFp6RE40ZitHNlEyQnFpYU43cXd5TGM0YkhFMjY5ZzNJTDh1SlR3cWl0L0hGRFBxOXc9PSIsIm1hYyI6IjMwMWI1ZjcwNzQwYmQ4ZTEwMDNhNTdkMjljM2I2ODc4NDAxMThmMjllNDUzMjE0MzQxZDU5OTRiNDMwOWI4MWQifQ%3D%3D
referrals.masa.finance/ Name: XSRF-TOKEN
Value: eyJpdiI6ImRaMDBya0xBdXRPNjR0RWVoeWMvMVE9PSIsInZhbHVlIjoiNy9FcDY4TlZEdXpCTkdFeHZBTHJmTmc2cy84cG9BY3pzY1UvbjcybW9VcENKWWcweHlZZlUyeGQ5YlRYNGd6K0dWaXoydnhwZTU3VW9wZlZwczNCWFlFcTNSNmNZUXo4SkNKYVVONDJLR2hoRktRUmxtU3kwR1o1MytlekpmaFIiLCJtYWMiOiIzMmNhYTA0ODE0MTIxOGRhNGJmYTY3Y2YxNmNmY2M4OGNlZTAyNDdmOTg5MDU0MDQ1NGI4ZDExMjc1Mzk1ZTU5In0%3D
referrals.masa.finance/ Name: referral_factory_session
Value: eyJpdiI6InhvOVEyUW5QUStmNzFZaStrM0o5c3c9PSIsInZhbHVlIjoiRmNDaGxHWE1TN1d0eWxmNCtrSVpLWkdOWVBEelY0MXM1YzlqZnRHdVdGV3JISDZDak1XN1NlNG95aUZNYWttMm9vUzhpVDUreUpoeGltZGpmNmhpL09zaXBESjdOdFluNVFaQW44MU9hWjRKNUZ6dGR5VWszQWFVMDVmU3NyUTUiLCJtYWMiOiIyZmY4YjYwMDNhYjFkZDNkMGQ4NTY2M2QyYjYzNWUzMzE2YWYyZmM5YjAwZDgxNDBmMDQ5Yzg3NmE4NzZjZTM2In0%3D