mail.nukahgps.com Open in urlscan Pro
162.241.24.242 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mail.nukahgps.com/refundpayment/login.html
Submission: On October 10 via automatic, source openphish (October 10th 2022, 2:31:59 pm UTC) — Scanned from DE

Summary HTTP 90 Redirects Links 60 Behaviour Indicators

Summary

This website contacted 36 IPs in 7 countries across 28 domains to perform 90 HTTP transactions. The main IP is 162.241.24.242, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is mail.nukahgps.com.
TLS certificate: Issued by R3 on August 24th 2022. Valid for: 3 months.

This is the only time mail.nukahgps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	162.241.24.242 162.241.24.242	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
5	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	178.250.0.147 178.250.0.147	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	23.79.136.145 23.79.136.145	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
4	184.86.103.24 184.86.103.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1 2	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.66.147.116 18.66.147.116	16509 (AMAZON-02) (AMAZON-02)
1 5	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	52.224.142.56 52.224.142.56	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
1	104.76.200.221 104.76.200.221	16625 (AKAMAI-AS) (AKAMAI-AS)
90	36

23 162.241.24.242 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5910.bluehost.com

mail.nukahgps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

9157623.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.147 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.136.145 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-136-145.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.86.103.24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-103-24.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

i.l.inmobicdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.180 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-116.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.224.142.56 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

advertiser.inmobiapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.76.200.221 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	nukahgps.com mail.nukahgps.com	1 MB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 19 region1.analytics.google.com — Cisco Umbrella Rank: 3900 adservice.google.com — Cisco Umbrella Rank: 136	7 KB
7	doubleclick.net 2 redirects 9157623.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 171 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	5 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 115	298 B
6	google.de www.google.de — Cisco Umbrella Rank: 3460 adservice.google.de — Cisco Umbrella Rank: 5221	2 KB
5	criteo.com 1 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4771 gum.criteo.com — Cisco Umbrella Rank: 486 mug.criteo.com — Cisco Umbrella Rank: 1859	36 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	115 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 850 www.linkedin.com — Cisco Umbrella Rank: 840 px4.ads.linkedin.com — Cisco Umbrella Rank: 6680	3 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1028	70 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 203	279 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 665	12 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 874 script.hotjar.com — Cisco Umbrella Rank: 1166 vars.hotjar.com — Cisco Umbrella Rank: 1268	70 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 859	612 B
2	t.co t.co — Cisco Umbrella Rank: 550	581 B
2	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 707	2 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 650	7 KB
2	creativecdn.com 1 redirects creativecdn.com — Cisco Umbrella Rank: 813	765 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	190 KB
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 798	312 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3058	257 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1787	632 B
1	inmobiapis.com advertiser.inmobiapis.com — Cisco Umbrella Rank: 126619
1	gstatic.com www.gstatic.com
1	inmobicdn.net i.l.inmobicdn.net — Cisco Umbrella Rank: 7714	1 KB
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 4647	16 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 967	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1571	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 154	15 KB
90	28

	Domain	Requested by
23	mail.nukahgps.com	mail.nukahgps.com
6	www.facebook.com	mail.nukahgps.com
5	www.google.de	mail.nukahgps.com
5	www.google.com	1 redirects mail.nukahgps.com
5	www.google-analytics.com	mail.nukahgps.com www.google-analytics.com www.googletagmanager.com
4	analytics.tiktok.com	mail.nukahgps.com analytics.tiktok.com
4	connect.facebook.net	mail.nukahgps.com connect.facebook.net
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com mail.nukahgps.com
2	gum.criteo.com	1 redirects dynamic.criteo.com
2	analytics.twitter.com	mail.nukahgps.com
2	t.co	mail.nukahgps.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	px.ads.linkedin.com	2 redirects
2	secure.adnxs.com	1 redirects mail.nukahgps.com
2	s.yimg.com	mail.nukahgps.com s.yimg.com
2	creativecdn.com	1 redirects mail.nukahgps.com
2	dynamic.criteo.com	www.googletagmanager.com
2	9157623.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	mail.nukahgps.com www.googletagmanager.com
1	stags.bluekai.com	tags.bkrtx.com
1	adservice.google.de	adservice.google.com
1	vc.hotjar.io	script.hotjar.com
1	sp.analytics.yahoo.com	mail.nukahgps.com
1	adservice.google.com	9157623.fls.doubleclick.net
1	mug.criteo.com	mail.nukahgps.com
1	region1.analytics.google.com	www.googletagmanager.com
1	advertiser.inmobiapis.com	mail.nukahgps.com
1	vars.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	mail.nukahgps.com
1	www.linkedin.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	www.gstatic.com	mail.nukahgps.com
1	i.l.inmobicdn.net	mail.nukahgps.com
1	tags.bkrtx.com	mail.nukahgps.com
1	static.ads-twitter.com	mail.nukahgps.com
1	snap.licdn.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
90	39

This site contains links to these domains. Also see Links.

Domain
www.etisalat.ae
etisalat.ae
eim.ae
facebook.com
www.linkedin.com
www.instagram.com
twitter.com
youtube.com

Subject Issuer	Validity	Valid
cpcontacts.nukahgps.com R3	`2022-08-24` - `2022-11-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-19` - `2022-10-17`	3 months	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2022-02-07` - `2023-02-06`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
i.l.inmobicdn.net Sectigo RSA Organization Validation Secure Server CA	`2022-02-21` - `2023-02-21`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-05` - `2022-10-26`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
advertiser.inmobiapis.com Sectigo ECC Organization Validation Secure Server CA	`2021-12-03` - `2022-12-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh
*.hotjar.io Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://mail.nukahgps.com/refundpayment/login.html
Frame ID: 445FBD6CAE961DB796AEEF077FB67941
Requests: 74 HTTP requests in this frame

Frame: https://mail.nukahgps.com/refundpayment/Care_files/anchor.html
Frame ID: F39BE7DA147E8E81F67ADC4A911ACCC6
Requests: 5 HTTP requests in this frame

Frame: https://9157623.fls.doubleclick.net/activityi;dc_pre=CIm9zKvw1foCFSe-7QodJskN_A;src=9157623;type=remar0;cat=etisa0;ord=7534636381458;gtm=2wga50;auiddc=1370677199.1665412315;u1=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html;~oref=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html
Frame ID: 3483BAD780D822990750A79FA5CF4781
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/tags?type=iframe&id=pr_Wu0DIU5lLy56UZdgqCMM&id=pr_Wu0DIU5lLy56UZdgqCMM_custom_lang_undefined&id=pr_Wu0DIU5lLy56UZdgqCMM_lid_6psILqn2MkaHHpCehykG&su=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&sr=&ts=1665412315053&tc=1
Frame ID: D2ACEBC8A6CD7D2CA8EDB4901090A4A1
Requests: 1 HTTP requests in this frame

Frame: https://mail.nukahgps.com/refundpayment/Care_files/bframe.html
Frame ID: 789628FCA2CE93C104FE965FBF031B19
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=mail.nukahgps.com&origin=onetag
Frame ID: 96B789EAE8782234607AF4E902022F29
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: F3DC3E31AB92020FC22643175AF97627
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIm9zKvw1foCFSe-7QodJskN_A;src=9157623;type=remar0;cat=etisa0;ord=7534636381458;gtm=2wga50;auiddc=1370677199.1665412315;u1=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html;~oref=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html
Frame ID: 7410084F690CD9322AA881392B651F9D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CIm9zKvw1foCFSe-7QodJskN_A;src=9157623;type=remar0;cat=etisa0;ord=7534636381458;gtm=2wga50;auiddc=1370677199.1665412315;u1=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html;~oref=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html
Frame ID: A6808BE5BF057BEFE0179E082B835593
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/75460?ret=html&phint=PC_ProductName&phint=PC_Price&phint=PC_ProductCategory&phint=PC_ProductBrand&phint=PC_ProductID&phint=AddCart_ProductName&phint=AddCart_ProductCategory&phint=AddCart_ProductPrice&phint=AddCart_ProductBrand&phint=AddCart_ProductID&phint=Phone_hash&phint=__bk_t%3DMy%20Etisalat%20-%20Self%20Care&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&phint=__bk_v%3D3.1.10&limit=4&r=3008115
Frame ID: 3DE61A4408BB6601CE0F0340AF893631
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My Etisalat - Self Careicon-pinQuickPayQuickPayicon-social-facebookLinkedInInstagramTwitterYoutubeExpo 2020Page 1icon-etisalaticon-greenicon-questionsicon-smileicon-tecicon-outline-close-white

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

90
Requests

96 %
HTTPS

43 %
IPv6

28
Domains

39
Subdomains

36
IPs

7
Countries

2061 kB
Transfer

6713 kB
Size

36
Cookies

60 Outgoing links

These are links going to different origins than the main page.

URL: https://www.etisalat.ae/en/index.jsp
Title: Consumer

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/smb/index.jsp
Title: Business

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/carrier-and-wholesale/index.jsp
Title: Carrier

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/b2c/eshop/shopping-cart
Title: Cart

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/storelocator.jsp
Title: Store icon-pin

Search URL Search Domain Scan URL

URL: https://etisalat.ae/quickpay
Title: Quickpay QuickPay

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/b2c/eshop/viewProducts?category=mobilePlans&subCategory=cat550033&catName=Postpaid_plan
Title: PLANS

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/b2c/eshop/viewProducts?category=mobileAddons&subCategory=cat550027&catName=Postpaid_add-on
Title: ADD-ONS

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/b2c/eshop/viewProducts?category=mobileDevices&subCategory=cat550037&catName=Smartphones
Title: MOBILE DEVICES

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/b2c/eshop/viewProducts?category=mobileDevices&subCategory=cat590016&catName=SmartLiving
Title: HOME DEVICES

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/b2c/eshop/viewProducts?category=homePlans&subCategory=cat550049
Title: PLANS

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/b2c/eshop/viewProducts?category=homeAddons&subCategory=cat550031
Title: ADD-ONS

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/b2c/support-guest.html
Title: SUPPORT

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/b2c/rd-login.html
Title: SIGN IN

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/b2c/dashboard.html
Title: MY ETISALAT

Search URL Search Domain Scan URL

URL: https://eim.ae/
Title: Email

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/c/home/home-moving.jsp
Title: Home Moving

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/c/mobile-registration-renewal.jsp
Title: Mobile registration

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/b2c/quick-pay.html
Title: Quick Pay

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/b2c/eshop/orderTracking
Title: Track your order

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/b2c/eshop/userOrdersTracking
Title: Track your order

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/quickpay
Title: QuickPay Quick Pay / Recharge

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/sctermsofuse
Title: terms and conditions

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/b2c/recover-your-username.html
Title: Forgot Username

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/b2c/reset-your-password.html
Title: Forgot password

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/c/autopay.jsp
Title: Autopay

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/c/mobile/plans/prepaid-plans.jsp
Title: Prepaid Plans

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/c/mobile/switch-to-etisalat-mobile.jsp
Title: Switch to Etisalat mobile

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/c/home/switch-to-elife.jsp
Title: Switch to eLife

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/c/promotions/uae-wi-fi.jsp
Title: UAE Wi-Fi

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/c/mobile/data-and-credit-transfer.jsp
Title: Data and Credit Transfer

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/c/mobile/trade-in-programme.jsp
Title: Trade-in Programme

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/c/talking-bill.jsp
Title: Talking Bill

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/c/mobile/email2sms.jsp
Title: Email2SMS

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en//c/mobile/mms.jsp
Title: MMS

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/c/mobile/4_digit_pin.jsp
Title: 4-digit PIN

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/b2c/eshop/viewProducts?category=mobilePlans&subCategory=cat550033
Title: Freedom Plans

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/c/home/absher-plans-home.jsp
Title: Absher Plan

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/c/people-of-determination.jsp
Title: People of Determination

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/c/deal-of-the-day.jsp
Title: Deal of the Day

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/b2c/eshop/createYourNumber?catName=Postpaid_plan
Title: Create your number

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/c/apps.jsp
Title: Etisalat Apps

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/c/dial101.jsp
Title: Dial *101#

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/c/mobile/information-services-ivr.jsp
Title: Information services

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/c/convenient-ways-to-pay.jsp
Title: Convenient ways to pay

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/c/mobile/standard-roaming-rates.jsp
Title: Standard roaming rates

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/generic/contactus-forms/web-block-unblockn.jsp
Title: Block/unblock websites

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/wst-vat.jsp
Title: Value Added Tax

Search URL Search Domain Scan URL

URL: https://facebook.com/etisalat
Title: icon-social-facebook Created with Sketch.

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/etisalat
Title: LinkedIn Created with Sketch.

Search URL Search Domain Scan URL

URL: https://www.instagram.com/etisalat
Title: Instagram Created with Sketch.

Search URL Search Domain Scan URL

URL: https://twitter.com/etisalat
Title: Twitter Created with Sketch.

Search URL Search Domain Scan URL

URL: https://youtube.com/etisalat
Title: Youtube Created with Sketch.

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/footer/about-us.jsp
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/footer/privacy-policy.jsp
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/system/wst/assets/docs/consumer/general/code-of-practice-for-customer-affairs.pdf
Title: Code of Practice

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/footer/terms-and-conditions.jsp
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/footer/doing-business-with-us.jsp
Title: Etisalat Tenders

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/footer/careers.jsp
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.etisalat.ae/en/enterprise-and-government/go-digital/expo-2020.jsp
Title: Expo 2020 Created with Sketch.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://9157623.fls.doubleclick.net/activityi;src=9157623;type=remar0;cat=etisa0;ord=7534636381458;gtm=2wga50;auiddc=1370677199.1665412315;u1=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html;~oref=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html HTTP 302
https://9157623.fls.doubleclick.net/activityi;dc_pre=CIm9zKvw1foCFSe-7QodJskN_A;src=9157623;type=remar0;cat=etisa0;ord=7534636381458;gtm=2wga50;auiddc=1370677199.1665412315;u1=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html;~oref=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html

Request Chain 29

https://creativecdn.com/tags?type=iframe&id=pr_Wu0DIU5lLy56UZdgqCMM&id=pr_Wu0DIU5lLy56UZdgqCMM_custom_lang_undefined&id=pr_Wu0DIU5lLy56UZdgqCMM_lid_6psILqn2MkaHHpCehykG&su=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&sr=&ts=1665412315053 HTTP 302
https://creativecdn.com/tags?type=iframe&id=pr_Wu0DIU5lLy56UZdgqCMM&id=pr_Wu0DIU5lLy56UZdgqCMM_custom_lang_undefined&id=pr_Wu0DIU5lLy56UZdgqCMM_lid_6psILqn2MkaHHpCehykG&su=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&sr=&ts=1665412315053&tc=1

Request Chain 35

https://secure.adnxs.com/seg?add=29637970&t=2&gtmcb=1485383982 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29637970%26t%3D2%26gtmcb%3D1485383982

Request Chain 43

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=988171&time=1665412315118&url=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tm=gtmv2 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D988171%26time%3D1665412315118%26url%3Dhttps%253A%252F%252Fmail.nukahgps.com%252Frefundpayment%252Flogin.html%26tm%3Dgtmv2%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=988171&time=1665412315118&url=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tm=gtmv2&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=988171&time=1665412315118&url=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tm=gtmv2&liSync=true&e_ipv6=AQJf2VSqIcHsxQAAAYPCTzmQY3NQmSwHBug6q2sjGi38bVQ_gERyLL6V4NK0p4Bc6mO3Zx4F

Request Chain 61

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/743986920/?random=1665412315280&cv=9&fst=1665412315280&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tiba=My%20Etisalat%20-%20Self%20Care&auid=1370677199.1665412315&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/743986920/?random=1665412315280&cv=9&fst=1665410400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&frm=0&url=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tiba=My%20Etisalat%20-%20Self%20Care&async=1&is_vtc=1&random=2661221600&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/743986920/?random=1665412315280&cv=9&fst=1665410400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&frm=0&url=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tiba=My%20Etisalat%20-%20Self%20Care&async=1&is_vtc=1&random=2661221600&resp=GooglemKTybQhCsO&ipr=y

Request Chain 67

https://gum.criteo.com/sid/json?origin=onetag&domain=nukahgps.com&sn=ChromeSyncframe&so=0&topUrl=mail.nukahgps.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=d_2xi3xDcFROeW41djB0ZkoxazFGMWNsWlR1bHFaL2x6TU1BRFFoK1c1TDRhTU1XK29RUEZ5aHN1eWh6dDQzMVZWL015c0J4cy9SMG9YUHYvdnZ2SktpbnpSOUpUUHhKeHdvL2JnaTZuT2hWaTBuZ3BGWmljSkRnVUpveHViYnkwMkhHYjczWTBKWnBzeXVsazVtd3BWTmRBaGpod1VqWDRvUEZUUTNJTXo4c3lXUDFINGEvU1cyQ0hSeGpwWmhQaHpPK0toUy90Y1FXemhnQlhoYzNuTFpodkkxVWJ4YlFqK3lublZBSTFEMXB5amdVNXJrNDh1TllLSFhrU1crL0ZWY1lSdklyZmw2U2piSnVnb3lxNzVxQlVCQT09fA&cppv=2

90 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login.html Show response
mail.nukahgps.com/refundpayment/ 433 KB
141 KB 722ms
182ms Document
text/html 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/login.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: 0957c54f4060a16fd75d93b951fc074e5d671e14fb9d0a0ea2ccb10eee17f3a5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html
date: Mon, 10 Oct 2022 14:31:53 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 03 Oct 2022 13:06:30 GMT
server: Apache
vary: Accept-Encoding
x-server-cache: false

GET
H2 200 googlefonts.css
mail.nukahgps.com/refundpayment/Care_files/ 3 KB
667 B 390ms
388ms Stylesheet
text/css 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/Care_files/googlefonts.css
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: e7fb53ec326d317909d7c4f9e2e490e11526293a3e43edda5cc449f4f332f976

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/refundpayment/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:54 GMT
content-encoding: gzip
last-modified: Fri, 27 Sep 2019 11:53:22 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 581

GET
H2 200 app.css
mail.nukahgps.com/refundpayment/Care_files/ 2 MB
410 KB 391ms
389ms Stylesheet
text/css 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/Care_files/app.css
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: e423552ccde17b8d7b894b8e2b45f928965193e4879b8bbc208fc4e3c2d3ba11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/refundpayment/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:54 GMT
content-encoding: gzip
last-modified: Fri, 27 Sep 2019 11:53:22 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 hmd.css
mail.nukahgps.com/refundpayment/Care_files/ 41 KB
11 KB 389ms
388ms Stylesheet
text/css 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/Care_files/hmd.css
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: 3105af3538a0aa7e1566d04b13fb2c32ddce184820e72d924fc03fece281a95c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/refundpayment/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:54 GMT
content-encoding: gzip
last-modified: Fri, 27 Sep 2019 11:53:22 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 11084

GET
H2 200 interceptor Show response
mail.nukahgps.com/refundpayment/Care_files/ 145 B
154 B 228ms
227ms Script
text/html 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/Care_files/interceptor
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: a9420b9a98ddc4a88b3cca9e2e34960cb20292f8db789ecd9b30382ac5f62ce4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/refundpayment/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:54 GMT
content-encoding: gzip
server: Apache
x-server-cache: false
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 123

GET
H2 200 loading.gif
mail.nukahgps.com/refundpayment/Care_files/ 74 KB
75 KB 148ms
147ms Image
image/gif 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.nukahgps.com/refundpayment/Care_files/loading.gif
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: af2d8b18228e5de40356984301eba416c02bdb4a9f4a3946e1a157abb3b16d94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/refundpayment/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:54 GMT
last-modified: Fri, 27 Sep 2019 11:53:22 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 75841
content-type: image/gif

GET
H2 200 labels.js Show response
mail.nukahgps.com/refundpayment/Care_files/ 15 KB
5 KB 229ms
229ms Script
application/javascript 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/Care_files/labels.js
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: f127204dcfa584b1f95df6928f5fba3a98f569d88986aa43449e4fa07e542748

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/refundpayment/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:54 GMT
content-encoding: gzip
last-modified: Fri, 27 Sep 2019 11:53:22 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 5486

GET
H2 200 b2c-routes.js Show response
mail.nukahgps.com/refundpayment/Care_files/ 466 KB
116 KB 214ms
213ms Script
application/javascript 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/Care_files/b2c-routes.js
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: 6bdc76e1009c28d60d0701216a4f17a8d04da135d6a16be3c30eaa245ab90b42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/refundpayment/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:54 GMT
content-encoding: gzip
last-modified: Fri, 27 Sep 2019 11:53:22 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 engine.js Show response
mail.nukahgps.com/refundpayment/Care_files/ 45 KB
15 KB 151ms
151ms Script
application/javascript 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/Care_files/engine.js
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: 38e64129988154c7dac3f2dc4b4eb5bfc06cc66d50755501cda51ba047ac0cdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/refundpayment/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:54 GMT
content-encoding: gzip
last-modified: Fri, 27 Sep 2019 11:53:22 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 15420

GET
H2 200 util.js Show response
mail.nukahgps.com/refundpayment/Care_files/ 45 KB
15 KB 158ms
156ms Script
application/javascript 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/Care_files/util.js
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: f2c6418178f01ef9decdba14f13c496b02d25e0f466fa09cada7676884736ce6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/refundpayment/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:54 GMT
content-encoding: gzip
last-modified: Fri, 27 Sep 2019 11:53:22 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 14861

GET
H2 200 CaptchaServlet.txt Show response
mail.nukahgps.com/refundpayment/Care_files/ 145 B
154 B 260ms
259ms Script
text/html 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/Care_files/CaptchaServlet.txt
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: a9420b9a98ddc4a88b3cca9e2e34960cb20292f8db789ecd9b30382ac5f62ce4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/refundpayment/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:54 GMT
content-encoding: gzip
server: Apache
x-server-cache: false
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 123

GET
H2 200 api.js Show response
mail.nukahgps.com/refundpayment/Care_files/ 729 B
498 B 144ms
143ms Script
application/javascript 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/Care_files/api.js
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: 33b9cfa85ac4128db561c2f1a037e68b359c57a05d41a5ec51315d805e1a06ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/refundpayment/login.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:54 GMT
content-encoding: gzip
last-modified: Fri, 27 Sep 2019 11:53:22 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 465

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 115ms
36ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 13:01:59 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5395
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 10 Oct 2022 15:01:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 509 KB
116 KB 132ms
48ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TSZ46Z

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b66310f92af51b67005c3083ac07964ed534051168d41ca13e51d238dfdef083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117840
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Oct 2022 14:31:54 GMT

GET
H2 200 H2DMvhDLycM56KNuAtbJYA.woff
mail.nukahgps.com/refundpayment/Care_files/ 145 B
153 B 178ms
178ms Font
text/html 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/Care_files/H2DMvhDLycM56KNuAtbJYA.woff
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/Care_files/googlefonts.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: a9420b9a98ddc4a88b3cca9e2e34960cb20292f8db789ecd9b30382ac5f62ce4

Request headers

Referer: https://mail.nukahgps.com/refundpayment/Care_files/googlefonts.css
Origin: https://mail.nukahgps.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:54 GMT
content-encoding: gzip
server: Apache
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 123
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 1YwB1sO8YE1Lyjf12WNiUA.woff
mail.nukahgps.com/refundpayment/Care_files/ 145 B
172 B 177ms
176ms Font
text/html 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/Care_files/1YwB1sO8YE1Lyjf12WNiUA.woff
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/Care_files/googlefonts.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: a9420b9a98ddc4a88b3cca9e2e34960cb20292f8db789ecd9b30382ac5f62ce4

Request headers

Referer: https://mail.nukahgps.com/refundpayment/Care_files/googlefonts.css
Origin: https://mail.nukahgps.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:54 GMT
content-encoding: gzip
server: Apache
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 123
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 ge_ss_two_light.ttf
mail.nukahgps.com/refundpayment/fonts/ 145 B
154 B 219ms
218ms Font
text/html 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/fonts/ge_ss_two_light.ttf
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/Care_files/app.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: a9420b9a98ddc4a88b3cca9e2e34960cb20292f8db789ecd9b30382ac5f62ce4

Request headers

Referer: https://mail.nukahgps.com/refundpayment/Care_files/app.css
Origin: https://mail.nukahgps.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:54 GMT
content-encoding: gzip
server: Apache
x-server-cache: false
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 123

GET
H2 200 neotech-regular.woff
mail.nukahgps.com/refundpayment/fonts/ 145 B
153 B 196ms
196ms Font
text/html 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/fonts/neotech-regular.woff
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/Care_files/app.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: a9420b9a98ddc4a88b3cca9e2e34960cb20292f8db789ecd9b30382ac5f62ce4

Request headers

Referer: https://mail.nukahgps.com/refundpayment/Care_files/app.css
Origin: https://mail.nukahgps.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:54 GMT
content-encoding: gzip
server: Apache
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 123
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 anchor.html Show response
mail.nukahgps.com/refundpayment/Care_files/ Frame F39B 21 KB
11 KB 240ms
239ms Document
text/html 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/Care_files/anchor.html
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: bb0adc0aa1ec24c2f8c4da77971924df77d4f6d7aa5d4fcb82c7284b10b5a14a

Request headers

Referer: https://mail.nukahgps.com/refundpayment/login.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 10995
content-type: text/html
date: Mon, 10 Oct 2022 14:31:54 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Fri, 27 Sep 2019 11:53:24 GMT
server: Apache
vary: Accept-Encoding
x-server-cache: false

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 138 KB
48 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-T57KNFL&cid=1388765867.1665412315

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0581cb6f15533a1c66ddadcfe4e0b2ccf9e386fdc04f0ee02ffc2c585082f1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 48428
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 10 Oct 2022 14:31:54 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 140ms
60ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSZ46Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 10 Oct 2022 14:31:55 GMT

GET
H3 200 optimize.js Show response
www.google-analytics.com/gtm/ 138 KB
47 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-T57KNFL

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSZ46Z

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98206d03453b5ef6ed75f54d772432445d3615fc851b15032aac0e7b3e185860

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 48574
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 10 Oct 2022 14:31:55 GMT

GET
H3

200

activityi;dc_pre=CIm9zKvw1foCFSe-7QodJskN_A;src=9157623;type=remar0;cat=etisa0;ord=7534636381458;gtm=2wga50;auiddc=1370677199.1665412315;u1=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.h... Show response
9157623.fls.doubleclick.net/ Frame 3483
Redirect Chain

https://9157623.fls.doubleclick.net/activityi;src=9157623;type=remar0;cat=etisa0;ord=7534636381458;gtm=2wga50;auiddc=1370677199.1665412315;u1=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin...
https://9157623.fls.doubleclick.net/activityi;dc_pre=CIm9zKvw1foCFSe-7QodJskN_A;src=9157623;type=remar0;cat=etisa0;ord=7534636381458;gtm=2wga50;auiddc=1370677199.1665412315;u1=https%3A%2F%2Fmail.nu...

572 B
432 B

121ms
56ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9157623.fls.doubleclick.net/activityi;dc_pre=CIm9zKvw1foCFSe-7QodJskN_A;src=9157623;type=remar0;cat=etisa0;ord=7534636381458;gtm=2wga50;auiddc=1370677199.1665412315;u1=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html;~oref=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSZ46Z

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

1370e2880234edc8d360437755220aee15dd3ffef3c4e458b6cf8b4c9cb6f04f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.nukahgps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 407
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 14:31:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 14:31:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9157623.fls.doubleclick.net/activityi;dc_pre=CIm9zKvw1foCFSe-7QodJskN_A;src=9157623;type=remar0;cat=etisa0;ord=7534636381458;gtm=2wga50;auiddc=1370677199.1665412315;u1=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html;~oref=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hotjar-1432586.js Show response
static.hotjar.com/c/ 6 KB
3 KB 37ms
15ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1432586.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSZ46Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

593289d50e3c461ccd81a004fe52c22020bf85996a081f74dce3ae4c6397da99

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 14:31:55 GMT
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 19
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/43a7d26fdbfc0bd925e66a9508a60feb
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: kxaZE2KtLJsC7nzdO3YQIA5jvEvh2PrJoR2IQtNYgW9HCwMmxpFHpQ==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 48ms
7ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSZ46Z
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:55 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=69169
accept-ranges: bytes
content-length: 3063

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 49ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSZ46Z

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 10 Oct 2022 14:31:54 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B25839B7E3E14844ABB1733A504E43DE Ref B: FRAEDGE1319 Ref C: 2022-10-10T14:31:55Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11367

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 42 KB
15 KB 53ms
16ms Script
application/javascript 178.250.0.147
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=39527

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSZ46Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.147 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b58e9c61213cd3440bd2238368c2d7f8b9eac34b958bdc4bc44c563f4cbbacee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 51ms
12ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:55 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:19 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15317
x-served-by: cache-iad-kjyo7100153-IAD, cache-muc13937-MUC

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 31ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 10 Oct 2022 14:31:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: qFVyfW5uOwTDDQSgoBzP/VbotE3xyFlTHBk22Y78HrU+mvHx/iUpjsXvxuQCsxtJosIXpj1tttr30Kfkb2F13w==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 46ms
7ms Script
application/javascript 23.79.136.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.79.136.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-136-145.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 10 Oct 2022 14:31:55 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Mon, 17 Oct 2022 14:31:55 GMT

GET
H2

204

tags
creativecdn.com/ Frame D2AC
Redirect Chain

https://creativecdn.com/tags?type=iframe&id=pr_Wu0DIU5lLy56UZdgqCMM&id=pr_Wu0DIU5lLy56UZdgqCMM_custom_lang_undefined&id=pr_Wu0DIU5lLy56UZdgqCMM_lid_6psILqn2MkaHHpCehykG&su=https%3A%2F%2Fmail.nukahg...
https://creativecdn.com/tags?type=iframe&id=pr_Wu0DIU5lLy56UZdgqCMM&id=pr_Wu0DIU5lLy56UZdgqCMM_custom_lang_undefined&id=pr_Wu0DIU5lLy56UZdgqCMM_lid_6psILqn2MkaHHpCehykG&su=https%3A%2F%2Fmail.nukahg...

0
0

15ms
15ms

Document
text/plain

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://creativecdn.com/tags?type=iframe&id=pr_Wu0DIU5lLy56UZdgqCMM&id=pr_Wu0DIU5lLy56UZdgqCMM_custom_lang_undefined&id=pr_Wu0DIU5lLy56UZdgqCMM_lid_6psILqn2MkaHHpCehykG&su=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&sr=&ts=1665412315053&tc=1
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash

Request headers

Referer: https://mail.nukahgps.com/refundpayment/login.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Mon, 10 Oct 2022 14:31:55 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://creativecdn.com/tags?type=iframe&id=pr_Wu0DIU5lLy56UZdgqCMM&id=pr_Wu0DIU5lLy56UZdgqCMM_custom_lang_undefined&id=pr_Wu0DIU5lLy56UZdgqCMM_lid_6psILqn2MkaHHpCehykG&su=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&sr=&ts=1665412315053&tc=1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
vary: Origin

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 123 KB
37 KB 186ms
128ms Script
application/javascript 184.86.103.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5NC3CLQ5ECR7VU42P60&lib=ttq
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3d02d92cce062af55617d50f2c13ddfaf3123f39629495f7734dc94e2cc7199b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-akamai-request-id: 5449f365.9e406c98
date: Mon, 10 Oct 2022 14:31:55 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-86-102-24.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-parent-response-time: 113,184.86.102.24
server-timing: cdn-cache; desc=MISS, edge; dur=111, origin; dur=7, inner; dur=2
content-length: 37148
pragma: no-cache
server: nginx
x-tt-logid: 20221010143155A9DCE11584C3186DAB07
x-cache-remote: TCP_MISS from a23-218-223-12.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.218.223.12
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba1e2a405edaf97a6ef1484e1ef149c31be8f7f7e5a77d2c822c4ed09addf50e727d050836aa00693d0ae9b0777939e6839b35c968d76f38bd3e9e13a98e4b319260e79dd0144c010deec58decd694eeb8
expires: Mon, 10 Oct 2022 14:31:55 GMT

GET
H/1.1 200
OK min.pixel.js Show response
i.l.inmobicdn.net/helix-cors/custom/js/idspPixel/v4/ 1 KB
1 KB 86ms
16ms Script
application/x-javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://i.l.inmobicdn.net/helix-cors/custom/js/idspPixel/v4/min.pixel.js
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: ee9adb6845e715d1f4c44a8f4f3424d4926b7327a52c42c90b494a336eae383e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 14:31:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 13:11:22 GMT
ETag: "1638450682"
X-HW: 1665412315.dop225.am5.t,1665412315.cds264.am5.shn,1665412315.dop225.am5.t,1665412315.cds203.am5.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=74565
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 651

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 69ms
23ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:30:47 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: ZAPQ2GD6EPS9ZXVK
age: 69
x-amz-server-side-encryption: AES256
x-amz-id-2: g9aus76A0Mhrug9Ow2OTz+0D1T5y+Qu7MU/uop9ix1MupylAy7MJSBu2LnXg+WdFmN9sVZgLusU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 42 KB
15 KB 33ms
33ms Script
application/javascript 178.250.0.147
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=99644

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSZ46Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.147 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c241cb65b5ef23a9e563ab6d554fd11a2666848bf49fef3cffcb770b93d6243d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
74 KB 128ms
48ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BPWBRZB9JK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSZ46Z

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6766bedcbdff6fb628959d92e4199d4930fd792e0f5001aba1775e43e0a7a48a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75773
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 10 Oct 2022 14:31:55 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=29637970&t=2&gtmcb=1485383982
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29637970%26t%3D2%26gtmcb%3D1485383982

43 B
1 KB

14ms
14ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29637970%26t%3D2%26gtmcb%3D1485383982

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

HTTP/1.1

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Oct 2022 14:31:55 GMT
AN-X-Request-Uuid: 007ae6be-875b-44bd-9ec4-078ee0c2b1c3
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 10 Oct 2022 14:31:55 GMT
AN-X-Request-Uuid: 3173fa93-d483-4d02-8c86-d8532f55e8aa
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29637970%26t%3D2%26gtmcb%3D1485383982
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 styles__ltr.css
mail.nukahgps.com/refundpayment/Care_files/bframe_data/ Frame F39B 138 KB
93 KB 147ms
147ms Stylesheet
text/css 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/Care_files/bframe_data/styles__ltr.css
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/Care_files/anchor.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: f23380b798aab3c9f03acd891f564a131d604c5bf0c9e8df4d4183532602775b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/refundpayment/Care_files/anchor.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:55 GMT
content-encoding: gzip
last-modified: Fri, 27 Sep 2019 11:53:22 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 recaptcha__en.js Show response
mail.nukahgps.com/refundpayment/Care_files/ Frame F39B 262 KB
111 KB 162ms
161ms Script
application/javascript 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/Care_files/recaptcha__en.js
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/Care_files/anchor.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: ee4b6ac81622a15d376488d3a25228b90de031ac08f84dd9e1c4d2918c4a751a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/refundpayment/Care_files/anchor.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:55 GMT
content-encoding: gzip
last-modified: Fri, 27 Sep 2019 11:53:22 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 JBwSXsc__bL1AIIwyKh3QnwBHg7D-WM3_5_AwioMKBk.js Show response
mail.nukahgps.com/refundpayment/Care_files/anchor_data/ Frame F39B 12 KB
6 KB 144ms
144ms Script
application/javascript 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/Care_files/anchor_data/JBwSXsc__bL1AIIwyKh3QnwBHg7D-WM3_5_AwioMKBk.js
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/Care_files/anchor.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: 241c125ec73ffdb2f5008230c8a877427c011e0ec3f96337ff9fc0c22a0c2819

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/refundpayment/Care_files/anchor.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:55 GMT
content-encoding: gzip
last-modified: Fri, 27 Sep 2019 11:53:22 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 5723

GET
H2 404 recaptcha__en.js
www.gstatic.com/recaptcha/releases/Zy-zVXWdnDW6AUZkKlojAKGe/ 0
0 260ms
181ms Script
text/html 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/Zy-zVXWdnDW6AUZkKlojAKGe/recaptcha__en.js
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/Care_files/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 bframe.html Show response
mail.nukahgps.com/refundpayment/Care_files/ Frame 7896 8 KB
2 KB 170ms
170ms Document
text/html 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/Care_files/bframe.html
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: 1e3d20c4b5805d103bdf848b330bb7ff242832ced96cc4ad858b5fc3cc802063

Request headers

Referer: https://mail.nukahgps.com/refundpayment/login.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 1616
content-type: text/html
date: Mon, 10 Oct 2022 14:31:55 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Fri, 27 Sep 2019 11:53:24 GMT
server: Apache
vary: Accept-Encoding
x-server-cache: false

GET
H2 200 modules.f0cd1ed70b545da08b60.js Show response
script.hotjar.com/ 254 KB
65 KB 31ms
8ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.f0cd1ed70b545da08b60.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1432586.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

8662b9efaf4e7baadfdc51b0a0a133cca8c7670e354d155580a74b2184de2317

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:16:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 260149
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 66220
last-modified: Fri, 07 Oct 2022 14:15:55 GMT
etag: "267f2b8b196cf2f3b560a8c460b335c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Mpoc5OuuSnVzHRrzQdQvyGleyatOdT3pjcWoqE_AVaW119v4Mnl3Ww==

GET
H3 200 905934456228039 Show response
connect.facebook.net/signals/config/ 294 KB
84 KB 19ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/905934456228039?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e016484880cbb8e4bbc21df8f4ca0b5d4888dc73cd01d2c05f758082232d62ea

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 10 Oct 2022 14:31:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86364
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: FN7JQo90YSpKEujjsCwUzE59Xbrk8njOllAmknnNZt9E/3CcPUmH+D8T68RQTjC2HdqoqWgpe7aPlDJA0XIl/w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=988171&time=1665412315118&url=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tm=gtmv2
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D988171%26time%3D1665412315118%26url%3Dhttps%253A%252F%252Fmail.nukahgps.com%252Fr...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=988171&time=1665412315118&url=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tm=gtmv2&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=988171&time=1665412315118&url=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tm=gtmv2&liSync=true&e_ipv6=AQJf2VSqIcHsxQAAAYPCTzmQY3...

0
265 B

147ms
119ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=988171&time=1665412315118&url=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tm=gtmv2&liSync=true&e_ipv6=AQJf2VSqIcHsxQAAAYPCTzmQY3NQmSwHBug6q2sjGi38bVQ_gERyLL6V4NK0p4Bc6mO3Zx4F
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:55 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B02BC09271EE498DB3605EDD60AF73DE Ref B: FRAEDGE1408 Ref C: 2022-10-10T14:31:55Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXqrwV60q4dYe/EAF4NZg==

Redirect headers

date: Mon, 10 Oct 2022 14:31:55 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 23603CF2E81A42D5A673AA704A428969 Ref B: FRAEDGE1508 Ref C: 2022-10-10T14:31:55Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=988171&time=1665412315118&url=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tm=gtmv2&liSync=true&e_ipv6=AQJf2VSqIcHsxQAAAYPCTzmQY3NQmSwHBug6q2sjGi38bVQ_gERyLL6V4NK0p4Bc6mO3Zx4F
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXqrwV4sreaxZ9CxERGbA==

GET
H2 204 52018639.js Show response
bat.bing.com/p/action/ 0
117 B 122ms
122ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/52018639.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 10 Oct 2022 14:31:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 096C4E783E41450A95608C28F116DE18 Ref B: FRAEDGE1319 Ref C: 2022-10-10T14:31:55Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
175 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=52018639&tm=gtm002&Ver=2&mid=0299e9b4-4bfe-4112-83b2-cc2a5db994d7&sid=49fbe2c048a811eda81751cf62c2631e&vid=49fc1d4048a811ed9c039d790e54c331&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=My%20Etisalat%20-%20Self%20Care&p=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&r=&lt=1809&evt=pageLoad&sv=1&rn=697512

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Oct 2022 14:31:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 03B7356141494660B8B539FB2B66E033 Ref B: FRAEDGE1319 Ref C: 2022-10-10T14:31:55Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-76519932-1&cid=1388765867.1665412315&jid=496536478&gjid=1413666551&_gid=570446403.1665412315&_u=aGDAgEADQAAAAEAAI~&z=1895680625

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mail.nukahgps.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 10 Oct 2022 14:31:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mail.nukahgps.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=243748860&t=pageview&_s=1&dl=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&ul=en-us&de=UTF-8&dt=My%20Etisalat%20-%20Self%20Care&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQAAAAAAAI~&jid=496536478&gjid=1413666551&cid=1388765867.1665412315&tid=UA-76519932-1&_gid=570446403.1665412315&gtm=2wga50TSZ46Z&z=477529874

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 19:37:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68065
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
204 B 130ms
109ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=a1e16225-9c79-4abe-b948-fad3a818b699&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=eac77301-f57d-4bbf-a7dc-1e0f7c7992bb&tw_document_href=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv1sh&type=javascript&version=2.3.27

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 103
date: Mon, 10 Oct 2022 14:31:54 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 488034f657b198d9
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 93d3a61d404041dc6941e2b1fb7f528e2b2a36f929623d0a9786f51ef46fd323
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
217 B 152ms
117ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=a1e16225-9c79-4abe-b948-fad3a818b699&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=eac77301-f57d-4bbf-a7dc-1e0f7c7992bb&tw_document_href=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv1sh&type=javascript&version=2.3.27

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 111
date: Mon, 10 Oct 2022 14:31:54 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 40511bc3f6894e8b
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: fa52a17def83bf8e59bfb97f21760782d131268e067e2b4c7a2d84035614dbbe
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
377 B 128ms
108ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=686a08c3-d5ba-4614-b4a7-1a95adb91bef&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=eac77301-f57d-4bbf-a7dc-1e0f7c7992bb&tw_document_href=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv1sh&type=javascript&version=2.3.27

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 101
date: Mon, 10 Oct 2022 14:31:54 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 6e52a737cf932567
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 93d3a61d404041dc6941e2b1fb7f528e2b2a36f929623d0a9786f51ef46fd323
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 145ms
111ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=686a08c3-d5ba-4614-b4a7-1a95adb91bef&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=eac77301-f57d-4bbf-a7dc-1e0f7c7992bb&tw_document_href=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv1sh&type=javascript&version=2.3.27

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 104
date: Mon, 10 Oct 2022 14:31:54 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 3ef7964dcef2be81
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: fa52a17def83bf8e59bfb97f21760782d131268e067e2b4c7a2d84035614dbbe
content-length: 43

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 96B7 15 KB
6 KB 48ms
16ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=mail.nukahgps.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=39527

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://mail.nukahgps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 14:31:54 GMT
server: Kestrel
server-processing-duration-in-ticks: 1002556
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame F3DC 2 KB
1 KB 30ms
7ms Document
text/html 18.66.147.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1432586.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-116.fra60.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://mail.nukahgps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 536627
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 09:28:08 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Tue, 04 Oct 2022 07:09:34 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-id: Wq82D55RPJxFGpUGLoV4yzeo-lZFnxlnGC3TWMWdZKcB0faovClBXQ==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 158ms
77ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-76519932-1&cid=1388765867.1665412315&jid=496536478&_u=aGDAgEADQAAAAEAAI~&z=1887490728

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 14:31:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 157ms
76ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-76519932-1&cid=1388765867.1665412315&jid=496536478&_u=aGDAgEADQAAAAEAAI~&z=1887490728

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 14:31:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1018778028141254 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1018778028141254?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab34e5d586c331b43a19b2b46dca69054f9256033b400c2675b91fd7d4765300

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 10 Oct 2022 14:31:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85951
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: fmH87SDqdD9a2UgBUHvhn/hr/KaJ/hKQfNhyufR3UZzNcIw3Nx17OtgC+SHb+F4v+MIkQdpX8G8/yUrMAYCi6Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel
advertiser.inmobiapis.com/tpce/v1/events/ 0
0 295ms
93ms Image
application/json 52.224.142.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://advertiser.inmobiapis.com/tpce/v1/events/pixel?impId=&advId=be74c68eaf2f4481a2c389f9ca07dae8&bUrl=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&ckId=78a0c18f-c87f-4686-a60b-472d24431a4a&eventTime=1665412315243
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.224.142.56 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 10086711.json Show response
s.yimg.com/wi/config/ 2 B
487 B 175ms
136ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10086711.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: 1WHYDZMXTGCK6QQJ
age: 1
content-length: 22
x-amz-id-2: ZLoCgPCY8+YR9xr/UXP+b9JvMgCLkfVSgjQp05aYiWGantlsGlszxIW22zD+m+Gc8Pd8YFVygbo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/900746231/ 2 KB
1 KB 147ms
66ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/900746231/?random=1665412315278&cv=9&fst=1665412315278&num=1&label=ofteCKzz4GYQ95fBrQM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tiba=My%20Etisalat%20-%20Self%20Care&auid=1370677199.1665412315&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecf52471fbc6bd7800d8c6c9f461930352682b2ca9ad5df7ea099a4b85a0d69a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 14:31:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1085
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/900746231/ 2 KB
2 KB 112ms
52ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/900746231/?random=1665412315280&cv=9&fst=1665412315280&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tiba=My%20Etisalat%20-%20Self%20Care&auid=1370677199.1665412315&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74b1ea9faaa9650f887ef8a3bdd455232375ab73e0f9b6be7063c6297daecc2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 14:31:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1036
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/743986920/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/743986920/?random=1665412315280&cv=9&fst=1665412315280&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/743986920/?random=1665412315280&cv=9&fst=1665410400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/743986920/?random=1665412315280&cv=9&fst=1665410400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

52ms
51ms

Image
image/gif

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/743986920/?random=1665412315280&cv=9&fst=1665410400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&frm=0&url=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tiba=My%20Etisalat%20-%20Self%20Care&async=1&is_vtc=1&random=2661221600&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 14:31:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Oct 2022 14:31:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/743986920/?random=1665412315280&cv=9&fst=1665410400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&frm=0&url=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tiba=My%20Etisalat%20-%20Self%20Care&async=1&is_vtc=1&random=2661221600&resp=GooglemKTybQhCsO&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 styles__ltr.css
mail.nukahgps.com/refundpayment/Care_files/bframe_data/ Frame 7896 138 KB
93 KB 150ms
150ms Stylesheet
text/css 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/Care_files/bframe_data/styles__ltr.css
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/Care_files/bframe.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: f23380b798aab3c9f03acd891f564a131d604c5bf0c9e8df4d4183532602775b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/refundpayment/Care_files/bframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:55 GMT
content-encoding: gzip
last-modified: Fri, 27 Sep 2019 11:53:22 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 recaptcha__en.js Show response
mail.nukahgps.com/refundpayment/Care_files/ Frame 7896 262 KB
111 KB 152ms
151ms Script
application/javascript 162.241.24.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nukahgps.com/refundpayment/Care_files/recaptcha__en.js
Requested by: Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/Care_files/bframe.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.24.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5910.bluehost.com
Software: Apache /
Resource Hash: ee4b6ac81622a15d376488d3a25228b90de031ac08f84dd9e1c4d2918c4a751a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/refundpayment/Care_files/bframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:55 GMT
content-encoding: gzip
last-modified: Fri, 27 Sep 2019 11:53:22 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
348 B 106ms
37ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-BPWBRZB9JK&gtm=2oea50&_p=243748860&_gaz=1&cid=1388765867.1665412315&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665412315&sct=1&seg=0&dl=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&dt=My%20Etisalat%20-%20Self%20Care&en=page_view&_fv=2&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BPWBRZB9JK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 14:31:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mail.nukahgps.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 59ms
21ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BPWBRZB9JK&cid=1388765867.1665412315&gtm=2oea50&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BPWBRZB9JK&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 14:31:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mail.nukahgps.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 75ms
75ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BPWBRZB9JK&cid=1388765867.1665412315&gtm=2oea50&aip=1&z=1576676020

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 14:31:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 96B7
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=nukahgps.com&sn=ChromeSyncframe&so=0&topUrl=mail.nukahgps.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=d_2xi3xDcFROeW41djB0ZkoxazFGMWNsWlR1bHFaL2x6TU1BRFFoK1c1TDRhTU1XK29RUEZ5aHN1eWh6dDQzMVZWL015c0J4cy9SMG9YUHYvdnZ2SktpbnpSOUpUUHhKeHdvL2JnaTZuT2hWaTBuZ3BGWmljSkRnVUpveH...

435 B
655 B

58ms
18ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=d_2xi3xDcFROeW41djB0ZkoxazFGMWNsWlR1bHFaL2x6TU1BRFFoK1c1TDRhTU1XK29RUEZ5aHN1eWh6dDQzMVZWL015c0J4cy9SMG9YUHYvdnZ2SktpbnpSOUpUUHhKeHdvL2JnaTZuT2hWaTBuZ3BGWmljSkRnVUpveHViYnkwMkhHYjczWTBKWnBzeXVsazVtd3BWTmRBaGpod1VqWDRvUEZUUTNJTXo4c3lXUDFINGEvU1cyQ0hSeGpwWmhQaHpPK0toUy90Y1FXemhnQlhoYzNuTFpodkkxVWJ4YlFqK3lublZBSTFEMXB5amdVNXJrNDh1TllLSFhrU1crL0ZWY1lSdklyZmw2U2piSnVnb3lxNzVxQlVCQT09fA&cppv=2

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

69396d619032673082ce779b1b5272580116a8ee755e198583ed688063b07af6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 14:31:54 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2491277
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 10 Oct 2022 14:31:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=d_2xi3xDcFROeW41djB0ZkoxazFGMWNsWlR1bHFaL2x6TU1BRFFoK1c1TDRhTU1XK29RUEZ5aHN1eWh6dDQzMVZWL015c0J4cy9SMG9YUHYvdnZ2SktpbnpSOUpUUHhKeHdvL2JnaTZuT2hWaTBuZ3BGWmljSkRnVUpveHViYnkwMkhHYjczWTBKWnBzeXVsazVtd3BWTmRBaGpod1VqWDRvUEZUUTNJTXo4c3lXUDFINGEvU1cyQ0hSeGpwWmhQaHpPK0toUy90Y1FXemhnQlhoYzNuTFpodkkxVWJ4YlFqK3lublZBSTFEMXB5amdVNXJrNDh1TllLSFhrU1crL0ZWY1lSdklyZmw2U2piSnVnb3lxNzVxQlVCQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 527363
content-length: 0
expires: 0

GET
H2 200 JBwSXsc__bL1AIIwyKh3QnwBHg7D-WM3_5_AwioMKBk.js Show response
www.google.com/js/bg/ Frame F39B 12 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/JBwSXsc__bL1AIIwyKh3QnwBHg7D-WM3_5_AwioMKBk.js

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/Care_files/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

241c125ec73ffdb2f5008230c8a877427c011e0ec3f96337ff9fc0c22a0c2819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 18:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5282
x-xss-protection: 0
last-modified: Tue, 17 Sep 2019 16:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Oct 2023 18:50:08 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 115ms
114ms Script
application/javascript 184.86.103.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5NC3CLQ5ECR7VU42P60&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f6a2d67f13b9f1bee865f714ce068dd86ddf7589b5aec91bb1b4a99d216042de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-akamai-request-id: 1eef5d32.9e40707a
date: Mon, 10 Oct 2022 14:31:55 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-86-102-24.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-parent-response-time: 99,184.86.102.24
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=12, inner; dur=2
pragma: no-cache
server: nginx
x-tt-logid: 2022101014315581CFDE0878C52D78E705
x-cache-remote: TCP_MISS from a23-218-223-25.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.218.223.25
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba1e2a405edaf97a6ef1484e1ef149c31be13a6d465135cefffaf5518aaaa49e61b3b323449c73168ad55f7c4cce52ac8780cb7b34db45f99c347481e1798d0dab955a5717ecc4df94b05681205561e942
expires: Mon, 10 Oct 2022 14:31:55 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 861 B
1 KB 121ms
121ms Script
application/javascript 184.86.103.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C5NC3CLQ5ECR7VU42P60&hostname=mail.nukahgps.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5NC3CLQ5ECR7VU42P60&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a6c692b71d415ec74be6bcc387375388a14f718828bc0931d9a5a965a0beeccd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-akamai-request-id: f57319ed.9e40714a
date: Mon, 10 Oct 2022 14:31:55 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-86-102-24.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-parent-response-time: 111,184.86.102.24
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=24, inner; dur=21
content-length: 345
pragma: no-cache
server: nginx
x-tt-logid: 202210101431554E396E2850DA9069F439
x-cache-remote: TCP_MISS from a104-78-78-46.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 24,104.78.78.46
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba1e2a405edaf97a6ef1484e1ef149c31b47227637c666ac2e2a2ea24026947ec90f2d9d18eb5db22b384a4255e829926c7c05a89f93402cf19b0526f25ef73940aad050d31161472a87a0238a2ac5a59a
expires: Mon, 10 Oct 2022 14:31:55 GMT

GET
H3 200 2427362067505006 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 10ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2427362067505006?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ee8de329eebfe19de9358a26e88b71a29591acde073111816a0c8e01e2723be

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 10 Oct 2022 14:31:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85910
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: CRXTHVyeMQVTcuYLgC+cYRr6eVvMOiXqD8kMsDL1HIZT5wZeDpS6n54c8nG//i55Gmv+2T3PbmdosUWqEs5kzw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 39ms
13ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=905934456228039&ev=PageView&dl=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&rl=&if=false&ts=1665412315460&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665412315459.427051870&it=1665412315114&coo=false&rqm=GET

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 10 Oct 2022 14:31:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 40ms
14ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1018778028141254&ev=PageView&dl=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&rl=&if=false&ts=1665412315461&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665412315459.427051870&it=1665412315114&coo=false&rqm=GET

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 10 Oct 2022 14:31:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 dc_pre=CIm9zKvw1foCFSe-7QodJskN_A;src=9157623;type=remar0;cat=etisa0;ord=7534636381458;gtm=2wga50;auiddc=1370677199.1665412315;u1=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html;~oref=... Show response
adservice.google.com/ddm/fls/i/ Frame 7410 571 B
878 B 183ms
77ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIm9zKvw1foCFSe-7QodJskN_A;src=9157623;type=remar0;cat=etisa0;ord=7534636381458;gtm=2wga50;auiddc=1370677199.1665412315;u1=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html;~oref=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html

Requested by

Host: 9157623.fls.doubleclick.net
URL: https://9157623.fls.doubleclick.net/activityi;dc_pre=CIm9zKvw1foCFSe-7QodJskN_A;src=9157623;type=remar0;cat=etisa0;ord=7534636381458;gtm=2wga50;auiddc=1370677199.1665412315;u1=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html;~oref=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ebc98d33e84c4fd3540e64c57456e0cf648a892c1c8ddf2dbfd9942225ffd96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9157623.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 409
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 14:31:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 117ms
37ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2010%20Oct%202022%2014%3A31%3A55%20GMT&n=0&b=My%20Etisalat%20-%20Self%20Care&.yp=10086711&f=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 14:31:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 10 Oct 2022 14:31:55 GMT

GET
H2 204 1432586 Show response
vc.hotjar.io/sessions/ 0
257 B 89ms
34ms XHR
text/plain 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1432586?s=0.25&r=0.13775668322499324
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.f0cd1ed70b545da08b60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 14:31:55 GMT
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: AUhxkh_C6A5cgkRqNcvGCg9wQ90b2lmDLWkge6P8u5UAHG1pRNMqmQ==

GET
H3 200 /
www.google.com/pagead/1p-user-list/900746231/ 42 B
64 B 129ms
71ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/900746231/?random=1665412315280&cv=9&fst=1665410400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&frm=0&url=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tiba=My%20Etisalat%20-%20Self%20Care&async=1&fmt=3&is_vtc=1&random=495374486&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 14:31:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/900746231/ 42 B
64 B 130ms
53ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/900746231/?random=1665412315280&cv=9&fst=1665410400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&frm=0&url=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tiba=My%20Etisalat%20-%20Self%20Care&async=1&fmt=3&is_vtc=1&random=495374486&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 14:31:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/900746231/ 42 B
64 B 94ms
70ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/900746231/?random=1665412315278&cv=9&fst=1665410400000&num=1&label=ofteCKzz4GYQ95fBrQM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&frm=0&url=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tiba=My%20Etisalat%20-%20Self%20Care&async=1&fmt=3&is_vtc=1&random=3855942578&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 14:31:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/900746231/ 42 B
64 B 92ms
50ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/900746231/?random=1665412315278&cv=9&fst=1665410400000&num=1&label=ofteCKzz4GYQ95fBrQM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&frm=0&url=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&tiba=My%20Etisalat%20-%20Self%20Care&async=1&fmt=3&is_vtc=1&random=3855942578&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 14:31:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 18ms
7ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2427362067505006&ev=PageView&dl=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&rl=&if=false&ts=1665412315546&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665412315459.427051870&it=1665412315114&coo=false&rqm=GET

Requested by

Host: mail.nukahgps.com
URL: https://mail.nukahgps.com/refundpayment/login.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 10 Oct 2022 14:31:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
687 B 131ms
130ms Ping
application/octet-stream 184.86.103.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5NC3CLQ5ECR7VU42P60&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.nukahgps.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1cdef620.9e40730a
date: Mon, 10 Oct 2022 14:31:55 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-86-102-24.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-parent-response-time: 113,184.86.102.24
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=27, inner; dur=19
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20221010143155D582E5B10F7CDD6E956E
x-cache-remote: TCP_MISS from a23-218-223-6.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 27,23.218.223.6
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba1e2a405edaf97a6ef1484e1ef149c31bab09f40b81bedbf0dc2750a728b4550f0b16723bf84283571a202a2cf79def5bb336a985caa2e855d0aeb6c3c5dfd407dad6ec2c526afcd2549f8cc2f0c159eb
expires: Mon, 10 Oct 2022 14:31:55 GMT

GET
H2 200 dc_pre=CIm9zKvw1foCFSe-7QodJskN_A;src=9157623;type=remar0;cat=etisa0;ord=7534636381458;gtm=2wga50;auiddc=1370677199.1665412315;u1=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html;~oref=... Show response
adservice.google.de/ddm/fls/i/ Frame A680 194 B
870 B 154ms
74ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CIm9zKvw1foCFSe-7QodJskN_A;src=9157623;type=remar0;cat=etisa0;ord=7534636381458;gtm=2wga50;auiddc=1370677199.1665412315;u1=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html;~oref=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIm9zKvw1foCFSe-7QodJskN_A;src=9157623;type=remar0;cat=etisa0;ord=7534636381458;gtm=2wga50;auiddc=1370677199.1665412315;u1=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html;~oref=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 14:31:55 GMT
expires: Mon, 10 Oct 2022 14:31:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 75460 Show response
stags.bluekai.com/site/ Frame 3DE6 71 B
312 B 184ms
155ms Document
text/html 104.76.200.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/75460?ret=html&phint=PC_ProductName&phint=PC_Price&phint=PC_ProductCategory&phint=PC_ProductBrand&phint=PC_ProductID&phint=AddCart_ProductName&phint=AddCart_ProductCategory&phint=AddCart_ProductPrice&phint=AddCart_ProductBrand&phint=AddCart_ProductID&phint=Phone_hash&phint=__bk_t%3DMy%20Etisalat%20-%20Self%20Care&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&phint=__bk_v%3D3.1.10&limit=4&r=3008115
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.76.200.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-200-221.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer: https://mail.nukahgps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

bk-server: db1d
cache-control: max-age=0, no-cache, no-store
content-length: 71
content-type: text/html
date: Mon, 10 Oct 2022 14:31:56 GMT
expires: Thu, 01 Dec 1994 16:00:00 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
pragma: no-cache

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=243748860&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&ul=en-us&de=UTF-8&dt=My%20Etisalat%20-%20Self%20Care&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Adjusted%20Bounce%20Rate&ea=50%25%20Scroll&el=%2Frefundpayment%2Flogin.html&_u=aGDAgEADQAAAAEAAI~&jid=&gjid=&cid=1388765867.1665412315&tid=UA-76519932-1&_gid=570446403.1665412315&gtm=2wga50TSZ46Z&z=2054874431

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 19:37:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68065
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=905934456228039&ev=Microdata&dl=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&rl=&if=false&ts=1665412316964&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22My%20Etisalat%20-%20Self%20Care%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1665412315459.427051870&it=1665412315114&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 10 Oct 2022 14:31:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1018778028141254&ev=Microdata&dl=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&rl=&if=false&ts=1665412316966&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22My%20Etisalat%20-%20Self%20Care%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1665412315459.427051870&it=1665412315114&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 10 Oct 2022 14:31:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2427362067505006&ev=Microdata&dl=https%3A%2F%2Fmail.nukahgps.com%2Frefundpayment%2Flogin.html&rl=&if=false&ts=1665412317050&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22My%20Etisalat%20-%20Self%20Care%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1665412315459.427051870&it=1665412315114&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nukahgps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 10 Oct 2022 14:31:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nukahgps.com/	1970-01-20 06:38:18	Name: _gid Value: GA1.2.570446403.1665412315
.nukahgps.com/	1970-01-20 08:46:28	Name: _gcl_au Value: 1.1.1370677199.1665412315
.bing.com/	1970-01-20 15:58:28	Name: MUID Value: 3CD25E3342696B9921D64C0A43BB6A17
.creativecdn.com/	1970-01-20 15:22:28	Name: u Value: v0HLdboOIVYc044WTAk2
.creativecdn.com/	1970-01-20 15:22:28	Name: ts Value: 1665412315
.nukahgps.com/	1970-01-20 06:38:18	Name: _uetsid Value: 49fbe2c048a811eda81751cf62c2631e
.nukahgps.com/	1970-01-20 15:58:28	Name: _uetvid Value: 49fc1d4048a811ed9c039d790e54c331
.adnxs.com/	1970-01-20 08:46:28	Name: uuid2 Value: 4887790184543988607
.nukahgps.com/	1970-01-20 06:36:52	Name: _dc_gtm_UA-76519932-1 Value: 1
.adnxs.com/	1970-01-20 08:46:28	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GU'tB6*E!]tbP6j2F-XstGt!@DGm$]j]r
mail.nukahgps.com/	1970-01-20 08:46:28	Name: iDSP_Cookie Value: 78a0c18f-c87f-4686-a60b-472d24431a4a*1665412315243be74c68eaf2f4481a2c389f9ca07dae8
.criteo.com/	1970-01-20 15:58:28	Name: uid Value: 0ba3dad8-7b94-4143-bdb3-f9d6869f0a2b
.linkedin.com/	1970-01-20 07:20:04	Name: UserMatchHistory Value: AQKFXBFRFF6ArwAAAYPCTzhR8-DLBhUpGSAlqarjJJ9AZU23dTt7W1FeoHiA5YZmih-9LG8IPt1pCA
.linkedin.com/	1970-01-20 07:20:04	Name: AnalyticsSyncHistory Value: AQL_-cXkyKhZRgAAAYPCTzhRZlvwQj7sgpzzuvsS0pTm4YGkiY1hvHJS8o78J9GyAcAvISonDKcQVUT2AXd8mQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:22:28	Name: bcookie Value: "v=2&8af10026-2938-4933-8aec-d20f32aa5e78"
.linkedin.com/	1970-01-20 06:38:18	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2421:u=1:x=1:i=1665412315:t=1665498715:v=2:sig=AQEQJRU1X2aExjCfjEkrT0r4_yh9Ij3C"
.t.co/	1970-01-20 16:12:52	Name: muc_ads Value: 328275b9-ab6b-4947-8973-06b5ff30a174
.doubleclick.net/	1970-01-20 06:36:53	Name: test_cookie Value: CheckForPermission
.twitter.com/	1970-01-20 16:12:52	Name: personalization_id Value: "v1_SwjwmIxHHTW++fEqXwpdFQ=="
.nukahgps.com/	1970-01-20 16:12:52	Name: _ga_BPWBRZB9JK Value: GS1.1.1665412315.1.0.1665412315.60.0.0
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 15:22:28	Name: bscookie Value: "v=1&20221010143155cc9dbe3f-4d07-4f95-8308-07ada4a43e03AQGGppUnQ13RWMr8pZCbztHRVSqundfb"
.linkedin.com/	1970-01-20 10:56:04	Name: li_gc Value: MTswOzE2NjU0MTIzMTU7MjswMjEgKVZYqatcYhw7KBcLI6LfAiQ2XtmlYmCSpD4fNiGQ7A==
.nukahgps.com/	1970-01-20 08:46:28	Name: _fbp Value: fb.1.1665412315459.427051870
.nukahgps.com/	1970-01-20 15:22:28	Name: _hjSessionUser_1432586 Value: eyJpZCI6IjMwODQ5NjNkLTI1MWUtNWM4MC05ZmRkLWRmNTNjZTQwOWNlMCIsImNyZWF0ZWQiOjE2NjU0MTIzMTUyNjYsImV4aXN0aW5nIjpmYWxzZX0=
.nukahgps.com/	1970-01-20 06:36:54	Name: _hjFirstSeen Value: 1
mail.nukahgps.com/	1970-01-20 06:36:52	Name: _hjIncludedInSessionSample Value: 0
.nukahgps.com/	1970-01-20 06:36:54	Name: _hjSession_1432586 Value: eyJpZCI6IjI1ZTljMzJkLWZmMzYtNDExNi1hN2VmLTNkMGYyZWVlOWEyOCIsImNyZWF0ZWQiOjE2NjU0MTIzMTU0ODgsImluU2FtcGxlIjpmYWxzZX0=
.nukahgps.com/	1970-01-20 06:36:54	Name: _hjAbsoluteSessionInProgress Value: 1
.tiktok.com/	1970-01-20 15:58:28	Name: _ttp Value: 2Fwo4V1t5aoBpM35pyTxqnDEImE
.nukahgps.com/	1970-01-20 16:06:16	Name: cto_bundle Value: Tch8419iTFl5SFo4MGJqWkQ3N2NicUxOV3ElMkJBODZiNXU1WHh3T3lvYkZYTjBLNkN3eU4lMkY5MXVCTDVKdjRQUSUyRmN5RHFDTGZTc3doQUJxeCUyQlQlMkZ4aFpRbUdibjM4WDJ4Q2YyMGFHcmhqc3IxVFozSjd4SkJwOFZxck1odGxMalY0d1JZdFFMV1U1aWJ4WHpDcUVNQzJqQzB4RjVnJTNEJTNE
.nukahgps.com/	1970-01-20 15:58:28	Name: _tt_enable_cookie Value: 1
.nukahgps.com/	1970-01-20 15:58:28	Name: _ttp Value: 09db8054-1d12-4411-9c35-c1453828e54c
.yahoo.com/	1970-01-20 15:22:49	Name: A3 Value: d=AQABBNssRGMCEMKV42aUC9mQMk8wBPVEsMAFEgEBAQF-RWNOYwAAAAAA_eMAAA&S=AQAAAleP7FEUV1dgVopDkqKYAe0
.nukahgps.com/	1970-01-20 16:12:52	Name: _ga Value: GA1.2.1388765867.1665412315

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://mail.nukahgps.com/refundpayment/login.html(Line 314) Message: Error while parsing the 'sandbox' attribute: 'allow-storage-access-by-user-activation' is an invalid sandbox flag.
other	warning	URL: https://mail.nukahgps.com/refundpayment/login.html Message: Failed to decode downloaded font: https://mail.nukahgps.com/refundpayment/Care_files/1YwB1sO8YE1Lyjf12WNiUA.woff
other	warning	URL: https://mail.nukahgps.com/refundpayment/login.html Message: OTS parsing error: invalid sfntVersion: 1014195058
other	warning	URL: https://mail.nukahgps.com/refundpayment/login.html Message: Failed to decode downloaded font: https://mail.nukahgps.com/refundpayment/Care_files/H2DMvhDLycM56KNuAtbJYA.woff
other	warning	URL: https://mail.nukahgps.com/refundpayment/login.html Message: OTS parsing error: invalid sfntVersion: 1014195058
other	warning	URL: https://mail.nukahgps.com/refundpayment/login.html Message: Failed to decode downloaded font: https://mail.nukahgps.com/refundpayment/fonts/ge_ss_two_light.ttf
other	warning	URL: https://mail.nukahgps.com/refundpayment/login.html Message: OTS parsing error: invalid sfntVersion: 1014195058
other	warning	URL: https://mail.nukahgps.com/refundpayment/login.html Message: Failed to decode downloaded font: https://mail.nukahgps.com/refundpayment/fonts/neotech-regular.woff
other	warning	URL: https://mail.nukahgps.com/refundpayment/login.html Message: OTS parsing error: invalid sfntVersion: 1014195058
other	warning	URL: https://mail.nukahgps.com/refundpayment/login.html Message: Failed to decode downloaded font: https://mail.nukahgps.com/refundpayment/fonts/neotech-regular.woff
other	warning	URL: https://mail.nukahgps.com/refundpayment/login.html Message: OTS parsing error: invalid sfntVersion: 1014195058
other	error	URL: https://mail.nukahgps.com/refundpayment/login.html(Line 1825) Message: Error while parsing the 'sandbox' attribute: 'allow-storage-access-by-user-activation' is an invalid sandbox flag.
other	warning	URL: https://mail.nukahgps.com/refundpayment/login.html Message: Failed to decode downloaded font: https://mail.nukahgps.com/refundpayment/Care_files/1YwB1sO8YE1Lyjf12WNiUA.woff
other	warning	URL: https://mail.nukahgps.com/refundpayment/login.html Message: OTS parsing error: invalid sfntVersion: 1014195058
other	warning	URL: https://mail.nukahgps.com/refundpayment/login.html Message: Failed to decode downloaded font: https://mail.nukahgps.com/refundpayment/Care_files/H2DMvhDLycM56KNuAtbJYA.woff
other	warning	URL: https://mail.nukahgps.com/refundpayment/login.html Message: OTS parsing error: invalid sfntVersion: 1014195058
other	warning	URL: https://mail.nukahgps.com/refundpayment/login.html Message: Failed to decode downloaded font: https://mail.nukahgps.com/refundpayment/fonts/neotech-regular.woff
other	warning	URL: https://mail.nukahgps.com/refundpayment/login.html Message: OTS parsing error: invalid sfntVersion: 1014195058
other	warning	URL: https://mail.nukahgps.com/refundpayment/login.html Message: Failed to decode downloaded font: https://mail.nukahgps.com/refundpayment/fonts/neotech-regular.woff
other	warning	URL: https://mail.nukahgps.com/refundpayment/login.html Message: OTS parsing error: invalid sfntVersion: 1014195058
other	warning	URL: https://mail.nukahgps.com/refundpayment/login.html Message: Failed to decode downloaded font: https://mail.nukahgps.com/refundpayment/fonts/ge_ss_two_light.ttf
other	warning	URL: https://mail.nukahgps.com/refundpayment/login.html Message: OTS parsing error: invalid sfntVersion: 1014195058
network	error	URL: https://www.gstatic.com/recaptcha/releases/Zy-zVXWdnDW6AUZkKlojAKGe/recaptcha__en.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://mail.nukahgps.com/refundpayment/Care_files/recaptcha__en.js(Line 341) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.google.com') does not match the recipient window's origin ('https://mail.nukahgps.com').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9157623.fls.doubleclick.net
adservice.google.com
adservice.google.de
advertiser.inmobiapis.com
analytics.tiktok.com
analytics.twitter.com
bat.bing.com
connect.facebook.net
creativecdn.com
dynamic.criteo.com
googleads.g.doubleclick.net
gum.criteo.com
i.l.inmobicdn.net
mail.nukahgps.com
mug.criteo.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s.yimg.com
script.hotjar.com
secure.adnxs.com
snap.licdn.com
sp.analytics.yahoo.com
stags.bluekai.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tags.bkrtx.com
vars.hotjar.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
104.244.42.131
104.244.42.197
104.76.200.221
13.107.42.14
142.250.185.102
142.250.185.98
162.241.24.242
178.250.0.147
178.250.0.157
18.66.112.110
18.66.147.116
18.66.97.49
184.86.103.24
185.184.8.90
185.89.210.180
199.232.188.157
2001:4860:4802:32::36
205.185.216.42
212.82.100.181
23.79.136.145
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9a
2a02:2638:1::13
2a02:26f0:3500:16::215:149b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
52.222.236.74
52.224.142.56
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
0581cb6f15533a1c66ddadcfe4e0b2ccf9e386fdc04f0ee02ffc2c585082f1e3
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0957c54f4060a16fd75d93b951fc074e5d671e14fb9d0a0ea2ccb10eee17f3a5
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
1370e2880234edc8d360437755220aee15dd3ffef3c4e458b6cf8b4c9cb6f04f
1e3d20c4b5805d103bdf848b330bb7ff242832ced96cc4ad858b5fc3cc802063
241c125ec73ffdb2f5008230c8a877427c011e0ec3f96337ff9fc0c22a0c2819
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
3105af3538a0aa7e1566d04b13fb2c32ddce184820e72d924fc03fece281a95c
33b9cfa85ac4128db561c2f1a037e68b359c57a05d41a5ec51315d805e1a06ad
38e64129988154c7dac3f2dc4b4eb5bfc06cc66d50755501cda51ba047ac0cdf
3d02d92cce062af55617d50f2c13ddfaf3123f39629495f7734dc94e2cc7199b
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
593289d50e3c461ccd81a004fe52c22020bf85996a081f74dce3ae4c6397da99
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
6766bedcbdff6fb628959d92e4199d4930fd792e0f5001aba1775e43e0a7a48a
69396d619032673082ce779b1b5272580116a8ee755e198583ed688063b07af6
6bdc76e1009c28d60d0701216a4f17a8d04da135d6a16be3c30eaa245ab90b42
6ee8de329eebfe19de9358a26e88b71a29591acde073111816a0c8e01e2723be
74b1ea9faaa9650f887ef8a3bdd455232375ab73e0f9b6be7063c6297daecc2c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8662b9efaf4e7baadfdc51b0a0a133cca8c7670e354d155580a74b2184de2317
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
98206d03453b5ef6ed75f54d772432445d3615fc851b15032aac0e7b3e185860
9ebc98d33e84c4fd3540e64c57456e0cf648a892c1c8ddf2dbfd9942225ffd96
a6c692b71d415ec74be6bcc387375388a14f718828bc0931d9a5a965a0beeccd
a9420b9a98ddc4a88b3cca9e2e34960cb20292f8db789ecd9b30382ac5f62ce4
ab34e5d586c331b43a19b2b46dca69054f9256033b400c2675b91fd7d4765300
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af2d8b18228e5de40356984301eba416c02bdb4a9f4a3946e1a157abb3b16d94
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b58e9c61213cd3440bd2238368c2d7f8b9eac34b958bdc4bc44c563f4cbbacee
b66310f92af51b67005c3083ac07964ed534051168d41ca13e51d238dfdef083
bb0adc0aa1ec24c2f8c4da77971924df77d4f6d7aa5d4fcb82c7284b10b5a14a
c241cb65b5ef23a9e563ab6d554fd11a2666848bf49fef3cffcb770b93d6243d
e016484880cbb8e4bbc21df8f4ca0b5d4888dc73cd01d2c05f758082232d62ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e423552ccde17b8d7b894b8e2b45f928965193e4879b8bbc208fc4e3c2d3ba11
e7fb53ec326d317909d7c4f9e2e490e11526293a3e43edda5cc449f4f332f976
ecf52471fbc6bd7800d8c6c9f461930352682b2ca9ad5df7ea099a4b85a0d69a
ee4b6ac81622a15d376488d3a25228b90de031ac08f84dd9e1c4d2918c4a751a
ee9adb6845e715d1f4c44a8f4f3424d4926b7327a52c42c90b494a336eae383e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f127204dcfa584b1f95df6928f5fba3a98f569d88986aa43449e4fa07e542748
f23380b798aab3c9f03acd891f564a131d604c5bf0c9e8df4d4183532602775b
f2c6418178f01ef9decdba14f13c496b02d25e0f466fa09cada7676884736ce6
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f6a2d67f13b9f1bee865f714ce068dd86ddf7589b5aec91bb1b4a99d216042de

mail.nukahgps.com Open in urlscan Pro 162.241.24.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

90 Requests

96 %HTTPS

43 %IPv6

28 Domains

39 Subdomains

36 IPs

7 Countries

2061 kBTransfer

6713 kBSize

36 Cookies

60 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mail.nukahgps.com Open in urlscan Pro
162.241.24.242 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

96 %
HTTPS

43 %
IPv6

28
Domains

39
Subdomains

36
IPs

7
Countries

2061 kB
Transfer

6713 kB
Size

36
Cookies

90 HTTP transactions
0 data transactions