mta-live.com Open in urlscan Pro
50.17.184.161 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mta-live.com/
Effective URL:
https://mta-live.com/
Submission: On June 17 via api (June 17th 2024, 1:08:08 pm UTC) from NL — Scanned from NL

Summary HTTP 34 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 10 domains to perform 34 HTTP transactions. The main IP is 50.17.184.161, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is mta-live.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on April 4th 2024. Valid for: a year.

This is the only time mta-live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	50.17.184.161 50.17.184.161	14618 (AMAZON-AES) (AMAZON-AES)
1	54.231.193.129 54.231.193.129	16509 (AMAZON-02) (AMAZON-02)
1	52.217.121.64 52.217.121.64	16509 (AMAZON-02) (AMAZON-02)
4	18.173.205.90 18.173.205.90	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700:20:... 2606:4700:20::681a:316	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.189.64 13.224.189.64	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	16.182.64.217 16.182.64.217	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
3	2a01:111:202c... 2a01:111:202c::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	18.245.60.50 18.245.60.50	16509 (AMAZON-02) (AMAZON-02)
1	216.58.206.40 216.58.206.40	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	54.69.144.143 54.69.144.143	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::201b	15169 (GOOGLE) (GOOGLE)
34	15

7 50.17.184.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-184-161.compute-1.amazonaws.com

mta-live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.mta-live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.193.129 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

portrait-tracker.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.121.64 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.173.205.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-90.fra56.r.cloudfront.net

i.moal.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:316 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-64.fra2.r.cloudfront.net

cdn.getblueshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 16.182.64.217 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

portrait-tracker.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a01:111:202c::237 (United Kingdom)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.60.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-50.fra60.r.cloudfront.net

dnzkifeab6.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.40 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.69.144.143 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-144-143.us-west-2.compute.amazonaws.com

api.getblueshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	lytics.io c.lytics.io — Cisco Umbrella Rank: 13419	64 KB
7	mta-live.com mta-live.com api.mta-live.com	998 KB
5	amazonaws.com portrait-tracker.s3.amazonaws.com — Cisco Umbrella Rank: 800978 s3.amazonaws.com dnzkifeab6.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 738546	54 KB
4	moal.tech i.moal.tech	28 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 357	14 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	278 KB
2	getblueshift.com cdn.getblueshift.com — Cisco Umbrella Rank: 18625 api.getblueshift.com — Cisco Umbrella Rank: 14584	4 KB
1	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 394	1 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2347
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 702	406 B
34	10

	Domain	Requested by
7	c.lytics.io	portrait-tracker.s3.amazonaws.com c.lytics.io
4	i.moal.tech
4	api.mta-live.com	mta-live.com
3	bat.bing.com	mta-live.com bat.bing.com
3	www.googletagmanager.com	portrait-tracker.s3.amazonaws.com mta-live.com www.googletagmanager.com
3	mta-live.com	mta-live.com
2	dnzkifeab6.execute-api.us-east-1.amazonaws.com	portrait-tracker.s3.amazonaws.com
2	portrait-tracker.s3.amazonaws.com	mta-live.com portrait-tracker.s3.amazonaws.com
1	storage.googleapis.com	c.lytics.io
1	api.getblueshift.com	cdn.getblueshift.com
1	region1.google-analytics.com	www.googletagmanager.com
1	trc.taboola.com
1	cdn.getblueshift.com	portrait-tracker.s3.amazonaws.com
1	s3.amazonaws.com
34	14

This site contains links to these domains. Also see Links.

Domain
mtacommandcenter.com
s3.amazonaws.com
insights.mta-live.com
monumenttradersalliance.com
privacyportal-cdn.onetrust.com
mtatrader.pro

Subject Issuer	Validity	Valid
mta-live.com Amazon RSA 2048 M03	`2024-04-04` - `2025-05-03`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-05-25` - `2025-05-02`	a year	crt.sh
i.moal.tech Amazon RSA 2048 M03	`2024-06-17` - `2025-07-16`	a year	crt.sh
lytics.io E1	`2024-05-14` - `2024-08-12`	3 months	crt.sh
*.getblueshift.com Amazon RSA 2048 M02	`2024-06-08` - `2025-07-06`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon RSA 2048 M03	`2024-01-08` - `2025-02-04`	a year	crt.sh
storage.googleapis.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://mta-live.com/
Frame ID: B6DF7EAC85805CAE4122AA03DF5ECFE6
Requests: 32 HTTP requests in this frame

Frame: https://portrait-tracker.s3.amazonaws.com/index.html
Frame ID: 14AF4300C61BBB9D86ECCE0CFB3EF055
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MTA Live

Page URL History Show full URLs

http://mta-live.com/ HTTP 307
https://mta-live.com/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

34
Requests

100 %
HTTPS

40 %
IPv6

10
Domains

14
Subdomains

15
IPs

3
Countries

1440 kB
Transfer

7376 kB
Size

9
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://mtacommandcenter.com/
Title: Command Center

Search URL Search Domain Scan URL

URL: https://s3.amazonaws.com/assets.monumenttradersalliance.com/schedule-a-call/index.html
Title: Talk to UsDiscover how our products can empower your investments. Call our VIP Sales Team today and get personalized advice tailored to your financial goals. Don’t wait—unlock your market potential now!

Search URL Search Domain Scan URL

URL: https://insights.mta-live.com/check-out-our-mobile-app/
Title: Check Out Our App!In today's fast-paced world, staying informed about market trends is more crucial than ever. With the Trade of The Day app, you have the ultimate tool right at your fingertips.

Search URL Search Domain Scan URL

URL: https://insights.mta-live.com/category/reports/
Title: Free ReportsElevate your trading game with our comprehensive free reports. Gain access to expert strategies and detailed walkthroughs, all designed to help you navigate the complexities of the market with confidence.

Search URL Search Domain Scan URL

URL: https://monumenttradersalliance.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://privacyportal-cdn.onetrust.com/dsarwebform/90ddaa87-9d70-4282-9d4f-d6cbd96bd224/feee9b06-9e54-4d68-9781-49bd3431ed84.html
Title: Do Not Sell or Share My Personal Information

Search URL Search Domain Scan URL

URL: https://mtatrader.pro/WOH-Trial
Title: https://mtatrader.pro/WOH-Trial

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mta-live.com/ HTTP 307
https://mta-live.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mta-live.com/
Redirect Chain

http://mta-live.com/
https://mta-live.com/

997 B
534 B

320ms
101ms

Document
text/html

50.17.184.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mta-live.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.17.184.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-184-161.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: c0ef09869716f6b53a936848078486873b37ead5e6b00bb07f67a4291d91a652

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: text/html
date: Mon, 17 Jun 2024 13:08:01 GMT
etag: W/"666b6223-3e5"
last-modified: Thu, 13 Jun 2024 21:18:27 GMT
server: nginx
x-powered-by: PleskLin

Redirect headers

Location: https://mta-live.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 main.fe54f299.js Show response
mta-live.com/static/js/ 6 MB
933 KB 306ms
306ms Script
application/javascript 50.17.184.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mta-live.com/static/js/main.fe54f299.js
Requested by: Host: mta-live.com
URL: https://mta-live.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.17.184.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-184-161.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 57b479c066dc9e7988b65b995958ff69b0117df19a671f8cf1493bacc94101e2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 13:08:01 GMT
content-encoding: br
last-modified: Thu, 13 Jun 2024 21:18:27 GMT
server: nginx
etag: W/"666b6223-598e95"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 main.9fa6c8e3.css
mta-live.com/static/css/ 211 KB
32 KB 206ms
206ms Stylesheet
text/css 50.17.184.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mta-live.com/static/css/main.9fa6c8e3.css
Requested by: Host: mta-live.com
URL: https://mta-live.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.17.184.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-184-161.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: db089ad47369541c4d9e7a5cd0c2de0022806ad1c7529cbe1b822e7b4bb3a7ae

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 13:08:01 GMT
content-encoding: br
last-modified: Thu, 13 Jun 2024 21:18:27 GMT
server: nginx
etag: W/"666b6223-34be7"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 settings Show response
api.mta-live.com/api/ 63 KB
22 KB 431ms
204ms XHR
application/json 50.17.184.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mta-live.com/api/settings

Requested by

Host: mta-live.com
URL: https://mta-live.com/static/js/main.fe54f299.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

50.17.184.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-17-184-161.compute-1.amazonaws.com

Software

nginx / Express, PleskLin

Resource Hash

bf662d60cbc9e3937f504396ae94c273107b39418580bace9002af2d9cce89a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 13:08:02 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
x-permitted-cross-domain-policies: none
x-powered-by: Express, PleskLin
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
server: nginx
cross-origin-opener-policy: same-origin
etag: W/"fa09-/v9rjTC0Ukdz/a4KX4OucqVboNA"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1

GET
H2 200 botMessage Show response
api.mta-live.com/api/ 2 KB
2 KB 329ms
105ms XHR
application/json 50.17.184.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mta-live.com/api/botMessage

Requested by

Host: mta-live.com
URL: https://mta-live.com/static/js/main.fe54f299.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

50.17.184.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-17-184-161.compute-1.amazonaws.com

Software

nginx / Express, PleskLin

Resource Hash

7e639f6ea7dcc992bbf65e83d84dd4396c8969afe8f818be89a5e67ebdce2386

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 13:08:02 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
x-permitted-cross-domain-policies: none
x-powered-by: Express, PleskLin
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
server: nginx
cross-origin-opener-policy: same-origin
etag: W/"826-yOqwSzodkOIgsnFSU/Q3ghwBGXM"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1

GET
H2 200 active Show response
api.mta-live.com/api/poll/ 0
635 B 331ms
107ms XHR
text/plain 50.17.184.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mta-live.com/api/poll/active

Requested by

Host: mta-live.com
URL: https://mta-live.com/static/js/main.fe54f299.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

50.17.184.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-17-184-161.compute-1.amazonaws.com

Software

nginx / Express, PleskLin

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 13:08:02 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-powered-by: Express, PleskLin
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 0
x-xss-protection: 0
referrer-policy: no-referrer
server: nginx
cross-origin-opener-policy: same-origin
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
origin-agent-cluster: ?1

GET
H/1.1 200
OK all.js Show response
portrait-tracker.s3.amazonaws.com/ 38 KB
38 KB 350ms
119ms Script
application/javascript 54.231.193.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portrait-tracker.s3.amazonaws.com/all.js
Requested by: Host: mta-live.com
URL: https://mta-live.com/static/js/main.fe54f299.js
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 54.231.193.129 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0d442120d2b60deb30df02e017358ba9e8057e57af2a52aadaceb08200dc5118

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 13:08:03 GMT
x-amz-version-id: DJTsKKAXZAjX88yytY8IZ9oo.cyFutLW
Last-Modified: Tue, 12 Mar 2024 18:03:33 GMT
Server: AmazonS3
x-amz-request-id: KYGRC97DB3D38M19
ETag: "7a4866af82b3d9c4147211938ab5004d"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 38527
x-amz-id-2: wYikMzPkFB9gAegYj6nriyJEwUSbKqDaAuv7BGDvow5Iz5QGnBKxkNWfA6IrQlv/l/FsiSiDZzg=

GET
H/1.1 200
OK favicon.ico
s3.amazonaws.com/assets.mta-live.com/favicon/ 15 KB
15 KB 416ms
208ms Other
image/vnd.microsoft.icon 52.217.121.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.mta-live.com/favicon/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.217.121.64 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d87c6c0ad7e9644e5559639298882677eae92b5c24365db05159b37ebcfc7235

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 13:08:03 GMT
x-amz-version-id: null
Last-Modified: Tue, 16 Apr 2024 19:57:16 GMT
Server: AmazonS3
x-amz-request-id: KYGRZ6E2G67FYYHA
ETag: "c5892197c773a8d0186525adb89944de"
x-amz-server-side-encryption: AES256
Content-Type: image/vnd.microsoft.icon
Accept-Ranges: bytes
Content-Length: 15086
x-amz-id-2: sCN0GuDM4wsVOS/D5Lf9AW+hjN9FdpGq8ThKkBAelrlD/Vr5DxEsDoQY/LOke3j93yRcg0L4A4w=

GET
H2 200 x1QCOCuAsfeTDvntTxD9J.svg
i.moal.tech/ 16 KB
6 KB 119ms
38ms Image
image/svg+xml 18.173.205.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.moal.tech/x1QCOCuAsfeTDvntTxD9J.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-90.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c42811da2e3046bca0ab367cc5fd241fa1bed78d59a7fcb0fabbf6472d690d88

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 08:27:58 GMT
content-encoding: br
via: 1.1 7f26f4279546775ace8410d89a15a960.cloudfront.net (CloudFront)
last-modified: Thu, 02 May 2024 21:43:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
age: 16805
x-amz-server-side-encryption: AES256
etag: W/"1facf7c182d9d4e1655fa49975b9501e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: OTO60iPa3hd2scIjobMtFuE2ZUcjKeMdArlFYb4Xk9zH4912VZMayA==

GET
H2 200 AYfTr73V7vi3yr263XVqY.svg
i.moal.tech/ 16 KB
6 KB 117ms
37ms Image
image/svg+xml 18.173.205.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.moal.tech/AYfTr73V7vi3yr263XVqY.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-90.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 913d8318f2e123ccef12a75bbbc09a922cd2c4dda22a961ec810740e61b3c7c8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 08:27:58 GMT
content-encoding: br
via: 1.1 7f26f4279546775ace8410d89a15a960.cloudfront.net (CloudFront)
last-modified: Thu, 02 May 2024 21:44:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
age: 16805
x-amz-server-side-encryption: AES256
etag: W/"a2c158437294ff2d98d2f134deece2c8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 4ohgifMDEB3sfbIvfIwYmpDtmPvzX7TxYCaVXeZVOFHbqsSiOxIv7Q==

GET
H2 200 gIjg0P0w2MmEAR-V-SnRh.svg
i.moal.tech/ 16 KB
6 KB 109ms
29ms Image
image/svg+xml 18.173.205.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.moal.tech/gIjg0P0w2MmEAR-V-SnRh.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-90.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 913d8318f2e123ccef12a75bbbc09a922cd2c4dda22a961ec810740e61b3c7c8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 08:27:58 GMT
content-encoding: br
via: 1.1 7f26f4279546775ace8410d89a15a960.cloudfront.net (CloudFront)
last-modified: Thu, 02 May 2024 21:44:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
age: 16805
x-amz-server-side-encryption: AES256
etag: W/"a2c158437294ff2d98d2f134deece2c8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: ATd11md2fAfdYPQD3TEmSnrwktY_QWGu-mTvvzSSKVbzmKn8ga805g==

GET
H2 200 09e8NS-BRSn9UQoTtCxFx.png
i.moal.tech/ 10 KB
10 KB 107ms
28ms Image
image/png 18.173.205.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.moal.tech/09e8NS-BRSn9UQoTtCxFx.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-90.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa4572e1cf06a952ad02cca22b0dc11469c6e7780c4af21469a3ea7488489a66

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 08:27:58 GMT
via: 1.1 7f26f4279546775ace8410d89a15a960.cloudfront.net (CloudFront)
last-modified: Thu, 02 May 2024 21:46:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
age: 16805
x-amz-server-side-encryption: AES256
etag: "e36b92bf4e25610dc237b47b1ba313a8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 10302
x-amz-cf-id: iQNKzfhkDBc7Ndi4GgzYi9tkZeK2V8F43HdJhnEQJYNfVBtVE5eNDw==

GET
H2 200 / Show response
api.mta-live.com/api/publicMessage/all/ 76 KB
7 KB 133ms
132ms XHR
application/json 50.17.184.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mta-live.com/api/publicMessage/all/

Requested by

Host: mta-live.com
URL: https://mta-live.com/static/js/main.fe54f299.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

50.17.184.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-17-184-161.compute-1.amazonaws.com

Software

nginx / Express, PleskLin

Resource Hash

bac45160813a4abc1177539fe9783a55a29a65f8111feb07536481ceb2e37c0c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 13:08:02 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
x-permitted-cross-domain-policies: none
x-powered-by: Express, PleskLin
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
server: nginx
cross-origin-opener-policy: same-origin
etag: W/"12f65-R9NEbQK9n7QHCR+8xdbeGW0jL1U"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/ 68 KB
23 KB 94ms
43ms Script
application/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63c5498e6b566cbdce24d58c797661ae67e8dfb2d75f3d5592017a881f9b1762

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 13:08:02 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4615
last-modified: Mon, 17 Jun 2024 11:51:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nbMf67HG07wxLCs3KOOhIytfpFUbmFOVqqpcqOuAvSDb%2B5O1HHJiOt3h4MeHOWzboOKRuaw81GcoaAfR9sj6gEL6Nw1Bf%2BISOugkdWvUpAbdDTmlmpggw4uDtfRfsvXxm3WJWnhMXFCm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
x-lytics-trace: e898cfe56097367c63e61091708994a8
cf-ray: 8953441e7f8cb731-AMS

GET
H/1.1 200
OK blueshift.js Show response
cdn.getblueshift.com/ 6 KB
3 KB 100ms
24ms Script
application/javascript 13.224.189.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getblueshift.com/blueshift.js
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-64.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a97c4e09767a155128f03c8a72efccc7d8e38e2e8e78daf14c8e5beaf72ff1a5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 13:03:28 GMT
Content-Encoding: gzip
Via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
Age: 275
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2826
Last-Modified: Wed, 24 Jan 2024 03:44:50 GMT
Server: AmazonS3
ETag: "bd39fba69cd2745738daf44e0e350f6e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Accept-Ranges: bytes
X-Amz-Cf-Id: 5bRvlLRjex9Wk3W9v3E093qkQCxa0_XpHYM9nJNleBKyX_tyWRdC_g==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 364 KB
109 KB 115ms
60ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba2bbe1d9607c1ed0c97a5a8df034c25f3cafad243a2979db17738732b24d075

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 13:08:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110793
x-xss-protection: 0
last-modified: Mon, 17 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Jun 2024 13:08:02 GMT

GET
H/1.1 200
OK index.html
portrait-tracker.s3.amazonaws.com/ Frame 14AF 0
0 315ms
116ms Document
text/html 16.182.64.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portrait-tracker.s3.amazonaws.com/index.html
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.64.217 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://mta-live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Content-Length: 2371
Content-Type: text/html
Date: Mon, 17 Jun 2024 13:08:04 GMT
ETag: "c029f674b13b082e9a03b16217c3f576"
Last-Modified: Wed, 03 Nov 2021 21:10:09 GMT
Server: AmazonS3
x-amz-id-2: Wp1IseT8t7oMnjOrFjHgV9k6WRzi9FM16I1fs89vqWD3XNtFxW545b5B1XWKwE9JeM7lx49Cols=
x-amz-request-id: RBVA71S17FQPFRR8
x-amz-version-id: X1zblgbOV1d.Qkc55AyQidmgNGbabuW5

GET
H2 200 bdbd77df-f27b-4aaf-8561-1916caf9f921 Show response
c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/ 81 KB
14 KB 175ms
174ms Script
application/json 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/bdbd77df-f27b-4aaf-8561-1916caf9f921?segments=true&mergestate=true&state=%7B%22_uid%22%3A%22bdbd77df-f27b-4aaf-8561-1916caf9f921%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A2%2C%22_ul%22%3A%22nl-NL%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22mta-live.com%2F%22%2C%22_v%22%3A%223.0.35%22%7D&ts=1718629683194&callback=u_387889093460732200

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cc141eeb3b76cb226d3359bfd889b7464808045f7d51b152cc788c1edc2dfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 13:08:03 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OeE%2Faj1ByD3m1yXsgsbfeAFqKNV7KgX1zkmDmYrv70m43RbDtStrCMTZyYT8M0EipA%2BNt1hwr%2FEWCLr2B2KDBXlrEQ8KnOoiUNIbrT2l8LfutSEpYPgJyvQ693aQyCywtsu%2F8HtIHdcu"}],"group":"cf-nel","max_age":604800}
x-lytics-trace: 27eddc1d662d8b28ff6c9f2432da5851
cf-ray: 8953442009beb731-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *

GET
H2 200 9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/ 35 B
603 B 142ms
142ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?_e=pv&_sesstart=1&_tz=2&_ul=nl-NL&_sz=1600x1200&_ts=1718629683167&_nmob=t&_device=desktop&url=mta-live.com%2F&_v=3.0.35&_uid=bdbd77df-f27b-4aaf-8561-1916caf9f921&_getid=t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 13:08:03 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1zCpCCffytzzAoMijT1lMiYnQLHLizR1povbFSRphtV5%2BPhK%2Fv8QNfS4lZT%2B3gkIclf5QzzY%2FS1v8I0Y0%2BpwTPtKujY4RaOXkunkSYwpEE%2F8FDF%2FsMHvtq9tx3r8eurUiWuVNW4iXpfv"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: a7683fe6dc6c6351c63f78ceef14e00f
cf-ray: 8953442009bfb731-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 cm
trc.taboola.com/sg/lytics/1/ 43 B
406 B 69ms
22ms Image
image/gif 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3Dbdbd77df-f27b-4aaf-8561-1916caf9f921%26account_id%3D9c32784e3cc4888a693a7988ad64c63d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 5
date: Mon, 17 Jun 2024 13:08:03 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 4132
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-bru1480075-BRU
pragma: no-cache
server: nginx
x-timer: S1718629683.429030,VS0,VE5
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 190 KB
68 KB 55ms
53ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M6DQ5Q7H

Requested by

Host: mta-live.com
URL: https://mta-live.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31942e157a225ee4aeb89840a58fababe2c0f243c042ea6afdc513df553f5d86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 13:08:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69499
x-xss-protection: 0
last-modified: Mon, 17 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Jun 2024 13:08:03 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 123ms
36ms Script
application/javascript 2a01:111:202c::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: mta-live.com
URL: https://mta-live.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:111:202c::237 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 17 Jun 2024 13:08:03 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F0E80773619D46399EFA25A3D510D0C1 Ref B: LON212050705031 Ref C: 2024-06-17T13:08:03Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

POST
H2 200 GetLyticsUserData Show response
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ 76 B
611 B 360ms
359ms XHR
application/json 18.245.60.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-50.fra60.r.cloudfront.net
Software: /
Resource Hash: 674d1ff7419bdf7f1dafd4a41db01a4feb1d802122213ecc456dd43f72791984

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 17 Jun 2024 13:08:04 GMT
via: 1.1 765a91ad9951d0108fc1de53e348bac4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
x-amzn-requestid: aa12bb96-2d35-4918-a96f-a10c5bf3f1f6
x-amzn-trace-id: Root=1-66703534-6a775e0b3dadabe925161d05;Parent=5197e4195f577e12;Sampled=0;lineage=17be0e8a:0
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-apigw-id: Zg1ALG0nIAMEpzw=
content-length: 76
x-amz-cf-id: bdLV_3DOtaE6C87wOF8gDOYLqC7uuXBWOzKv_Mjc_CI3gwZItHpaiw==
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 GetLyticsUserData
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ Frame 0
0 362ms
300ms Preflight
application/json 18.245.60.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-50.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mta-live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 3
content-type: application/json
date: Mon, 17 Jun 2024 13:08:03 GMT
via: 1.1 765a91ad9951d0108fc1de53e348bac4.cloudfront.net (CloudFront)
x-amz-apigw-id: Zg1AIF66oAMEUZQ=
x-amz-cf-id: WI8Tf3p70TAU4yeu19bciwlRi-Hjhs9nywQlPb4MuiHTELOTQ5g0hQ==
x-amz-cf-pop: FRA60-P5
x-amzn-requestid: d70bca94-627f-48dd-8b1d-858e96ad0bee
x-cache: Miss from cloudfront

GET
H2 200 portrait
c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/ 35 B
336 B 139ms
138ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/portrait?page.url=https%3A%2F%2Fmta-live.com%2F&page.timestamp=1718629682895&page.page_domain=mta-live.com&page.page_referrer=&page.page_title=MTA%20Live&identity.sessionid=_9mubg8y56i5&identity.device_width=large&identity.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&identity.clientid=73a90a9e-e7ca-4a18-922b-fb6a5a72deef&identity.login_state=logged-out&_ts=1718629683487&_nmob=t&_device=desktop&url=mta-live.com%2F&_uid=bdbd77df-f27b-4aaf-8561-1916caf9f921&_v=3.0.35&_uido=bdbd77df-f27b-4aaf-8561-1916caf9f921

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 13:08:03 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9xOctUTDWiwnkEmndWOXpLZUfApml1Nyd3ix7t7HIgkic75Vv1s1A9nDhV4oOVZmgvrf6J4Ve7p4VMhHZpLWswDNvNxa4yd7Lz%2F6Xo3CT6RhxQXPNwA6QI7acW0uBsAzCn5jHQPIkwHK"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 83757806474537b777542dca22666b7e
cf-ray: 89534421ebaab731-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 305 KB
101 KB 55ms
55ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BG4WNMQ7GS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6DQ5Q7H

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1436259cc9c415b906e370b73c28744a288752a88ce73fd5adb14f10825b5954

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 13:08:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103716
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 17 Jun 2024 13:08:03 GMT

GET
H2 204 15322609.js Show response
bat.bing.com/p/action/ 0
119 B 37ms
36ms Script
text/plain 2a01:111:202c::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/15322609.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:111:202c::237 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 17 Jun 2024 13:08:03 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BD024497BFF4434EA9CC3FB58944FB99 Ref B: LON212050705031 Ref C: 2024-06-17T13:08:03Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 97ms
97ms Image
text/plain 2a01:111:202c::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=15322609&Ver=2&mid=a84f5474-83fa-4922-b2fa-ffd6b098323e&sid=a16f10402caa11efa49c33a7835d8334&vid=a16f05802caa11efb73d052c00e580ee&vids=1&msclkid=N&pi=918639831&lg=nl-NL&sw=1600&sh=1200&sc=24&tl=MTA%20Live&p=https%3A%2F%2Fmta-live.com%2F&r=&lt=1294&evt=pageLoad&sv=1&rn=217482

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:111:202c::237 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Jun 2024 13:08:03 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EFED535123764CC3959A3E3A219A656D Ref B: LON212050705031 Ref C: 2024-06-17T13:08:03Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 63ms
19ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BG4WNMQ7GS&gtm=45je46c0v9184717829z89184716452za200zb9184716452&_p=1718629682896&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=118880334.1718629684&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718629683&sct=1&seg=0&dl=https%3A%2F%2Fmta-live.com%2F&dt=MTA%20Live&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2717&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BG4WNMQ7GS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 13:08:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mta-live.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 103 KB
22 KB 30ms
29ms Script
text/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 13:08:03 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 17 Jun 2024 12:42:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1542
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ptIkghM7YqtzDS2Ux3%2BVoT%2Bef2nXS%2BuyXSn1Vosx7rmOnPXd7mYNBbYiQdQCkk2d1x1dLAFKQk8E3K2SK2k4arh4wCTf0YiUX5PfBXH5vxVMyOVVGi%2FZDvpRhv6v9Tx5c3uFZTTHkHo"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 895344244954b731-AMS

GET
H2 200 unity.gif Show response
api.getblueshift.com/ 42 B
228 B 502ms
169ms XHR
image/gif 54.69.144.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getblueshift.com/unity.gif?t=1718629684&e=pageload&r=&z=959183&x=5475fa15fca6698857e67e2705849cfa&k=5351b7f6-a3a6-d42a-b2cc-82682b238fc3&u=https%3A%2F%2Fmta-live.com%2F
Requested by: Host: cdn.getblueshift.com
URL: https://cdn.getblueshift.com/blueshift.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.69.144.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-69-144-143.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://mta-live.com
date: Mon, 17 Jun 2024 13:08:04 GMT
access-control-expose-headers: etag
content-length: 42
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: image/gif

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 37ms
35ms Stylesheet
text/css 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 13:08:04 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 17 Jun 2024 12:01:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4022
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9r5KKTcl5y1194qO%2BV8ghtdepf%2FVMmcgJl%2FcTu9PCl97qsCe9Bl8UQCTYPwbpiCvlG6AfB%2FDFSL%2FjAcZTUENDR4KEhLIqVG4rz79797wfRVP3h%2BlqJP%2FTwZwPG30%2FXKnnPvBG2OnDhMd"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 89534425ab91b731-AMS

GET
H2 200 lytics_overrides.min.css
storage.googleapis.com/lioservices/2470-oxford-club/ 602 B
1 KB 197ms
24ms Stylesheet
text/css 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/lioservices/2470-oxford-club/lytics_overrides.min.css
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0efd1a0f2f52ed3d1bbd90257616b1f3f057163e50e3ed7d36af06ffa10b7b06

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 12:18:32 GMT
age: 2972
x-guploader-uploadid: ACJd0Npdx9DJm3pFLkl4d3YKB-v1Eh-4IwWkniDR8s7zixCytk5jHs3iiLAGxWJT5fUt1e4yfNo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 602
last-modified: Thu, 04 Oct 2018 21:47:26 GMT
server: UploadServer
etag: "9df2d5ae6031369aa6e0f3685608cd8c"
x-goog-generation: 1538689646128559
x-goog-hash: crc32c=VZEimQ==, md5=nfLVrmAxNpqm4PNoVgjNjA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 602
accept-ranges: bytes
content-type: text/css
expires: Mon, 17 Jun 2024 13:18:32 GMT

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/9c32784e3cc4888a693a7988ad64c63d/ 353 B
719 B 29ms
28ms Script
application/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/program/campaign/config/9c32784e3cc4888a693a7988ad64c63d/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8144dd81871ff83480f71004b56e62a6cf2aa40cc9e3e1fa6c8f4a8a3bb6090f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://mta-live.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 13:08:04 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4131
content-length: 247
last-modified: Mon, 17 Jun 2024 11:59:13 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RGiEzc1tVd4UCR13pL5Jh6w59YOS7PuYtIcOuAlT0yuenDZUoJRU2MJSQ4asTl69sXGI7SK0AZgURgXqG4WNEcQo%2BzjbUVMUr0GCvY7Ap8BSaRs9EQCTq4HyDKDNQx0R6CMaZdNUnIZq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
x-lytics-trace: 4781df2daa28225211366707f95deebf
accept-ranges: bytes
cf-ray: 89534426ee04b731-AMS

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mta-live.com/	1970-01-20 21:23:51	Name: seerses Value: e
.mta-live.com/	1970-01-21 06:59:49	Name: seerid Value: bdbd77df-f27b-4aaf-8561-1916caf9f921
.lytics.io/	1970-01-21 06:59:49	Name: seerid Value: bdbd77df-f27b-4aaf-8561-1916caf9f921
.mta-live.com/	1970-01-20 21:25:16	Name: _uetsid Value: a16f10402caa11efa49c33a7835d8334
.mta-live.com/	1970-01-21 06:45:25	Name: _uetvid Value: a16f05802caa11efb73d052c00e580ee
.bing.com/	1970-01-21 06:45:25	Name: MUID Value: 040614B12D9B609210F700102CE2612C
.mta-live.com/	1970-01-21 06:59:49	Name: _ga Value: GA1.1.118880334.1718629684
.mta-live.com/	1970-01-21 06:59:49	Name: _ga_BG4WNMQ7GS Value: GS1.1.1718629683.1.0.1718629683.0.0.0
.mta-live.com/	1970-01-21 06:09:25	Name: _bs Value: 5351b7f6-a3a6-d42a-b2cc-82682b238fc3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.getblueshift.com
api.mta-live.com
bat.bing.com
c.lytics.io
cdn.getblueshift.com
dnzkifeab6.execute-api.us-east-1.amazonaws.com
i.moal.tech
mta-live.com
portrait-tracker.s3.amazonaws.com
region1.google-analytics.com
s3.amazonaws.com
storage.googleapis.com
trc.taboola.com
www.googletagmanager.com
13.224.189.64
16.182.64.217
18.173.205.90
18.245.60.50
2001:4860:4802:32::36
216.58.206.40
2606:4700:20::681a:316
2a00:1450:4001:808::2008
2a00:1450:4001:80b::201b
2a01:111:202c::237
2a04:4e42:600::300
50.17.184.161
52.217.121.64
54.231.193.129
54.69.144.143
0d442120d2b60deb30df02e017358ba9e8057e57af2a52aadaceb08200dc5118
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0efd1a0f2f52ed3d1bbd90257616b1f3f057163e50e3ed7d36af06ffa10b7b06
1436259cc9c415b906e370b73c28744a288752a88ce73fd5adb14f10825b5954
1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b
31942e157a225ee4aeb89840a58fababe2c0f243c042ea6afdc513df553f5d86
464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685
57b479c066dc9e7988b65b995958ff69b0117df19a671f8cf1493bacc94101e2
5cc141eeb3b76cb226d3359bfd889b7464808045f7d51b152cc788c1edc2dfe9
63c5498e6b566cbdce24d58c797661ae67e8dfb2d75f3d5592017a881f9b1762
674d1ff7419bdf7f1dafd4a41db01a4feb1d802122213ecc456dd43f72791984
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7e639f6ea7dcc992bbf65e83d84dd4396c8969afe8f818be89a5e67ebdce2386
8144dd81871ff83480f71004b56e62a6cf2aa40cc9e3e1fa6c8f4a8a3bb6090f
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
913d8318f2e123ccef12a75bbbc09a922cd2c4dda22a961ec810740e61b3c7c8
a97c4e09767a155128f03c8a72efccc7d8e38e2e8e78daf14c8e5beaf72ff1a5
ba2bbe1d9607c1ed0c97a5a8df034c25f3cafad243a2979db17738732b24d075
bac45160813a4abc1177539fe9783a55a29a65f8111feb07536481ceb2e37c0c
bf662d60cbc9e3937f504396ae94c273107b39418580bace9002af2d9cce89a8
c0ef09869716f6b53a936848078486873b37ead5e6b00bb07f67a4291d91a652
c42811da2e3046bca0ab367cc5fd241fa1bed78d59a7fcb0fabbf6472d690d88
d87c6c0ad7e9644e5559639298882677eae92b5c24365db05159b37ebcfc7235
db089ad47369541c4d9e7a5cd0c2de0022806ad1c7529cbe1b822e7b4bb3a7ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa4572e1cf06a952ad02cca22b0dc11469c6e7780c4af21469a3ea7488489a66

mta-live.com Open in urlscan Pro 50.17.184.161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

100 %HTTPS

40 %IPv6

10 Domains

14 Subdomains

15 IPs

3 Countries

1440 kBTransfer

7376 kBSize

9 Cookies

7 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mta-live.com Open in urlscan Pro
50.17.184.161 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

100 %
HTTPS

40 %
IPv6

10
Domains

14
Subdomains

15
IPs

3
Countries

1440 kB
Transfer

7376 kB
Size

9
Cookies

34 HTTP transactions
0 data transactions