Submitted URL: https://visa-ww.com/ramadan21/u.php?n=%D9%81%D9%88%D8%B2%D9%8A%D9%87-%D8%B9%D8%B3%D9%8A%D8%B1%D9%8A
Effective URL: https://visa-ww.com/ramadan21/u.php?n=%D9%81%D9%88%D8%B2%D9%8A%D9%87-%D8%B9%D8%B3%D9%8A%D8%B1%D9%8A
Submission: On April 12 via manual from SA

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 19 HTTP transactions. The main IP is 23.29.123.36, located in the United States and belonging to HVC-AS, US. The main domain is visa-ww.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 8th 2021. Valid for: 3 months.
This is the only time visa-ww.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
3 | dvtfi1waop8i2.cloudfront.net | visa-ww.com
3 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
3 | www.googletagmanager.com | visa-ww.com, www.googletagmanager.com
2 | www.gstatic.com | visa-ww.com
2 | visa-ww.com | visa-ww.com
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | json.foxpush.com | cdn.foxpush.net
1 | ia802901.us.archive.org | visa-ww.com
1 | archive.org | 1 redirects
1 | cdn.foxpush.net | visa-ww.com
1 | 1.bp.blogspot.com | visa-ww.com
1 | code.jquery.com | visa-ww.com
19 12

This site contains no links.

Subject | Issuer | Validity | Valid
visa-ww.com | cPanel, Inc. Certification Authority | 2021-03-08 - 2021-06-06 | 3 months (crt.sh)
*.google-analytics.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months (crt.sh)
*.gstatic.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months (crt.sh)
jquery.org | Sectigo RSA Domain Validation Secure Server CA | 2020-10-06 - 2021-10-16 | a year (crt.sh)
misc-sni.blogspot.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months (crt.sh)
foxpush.net | Cloudflare Inc ECC CA-3 | 2020-07-03 - 2021-07-03 | a year (crt.sh)
*.cloudfront.net | DigiCert Global CA G2 | 2021-02-22 - 2022-02-21 | a year (crt.sh)
*.us.archive.org | Go Daddy Secure Certificate Authority - G2 | 2019-12-23 - 2022-02-21 | 2 years (crt.sh)
foxpush.com | Cloudflare Inc ECC CA-3 | 2020-07-04 - 2021-07-04 | a year (crt.sh)
*.g.doubleclick.net | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months (crt.sh)

This page contains 1 frames:

Primary Page: https://visa-ww.com/ramadan21/u.php?n=%D9%81%D9%88%D8%B2%D9%8A%D9%87-%D8%B9%D8%B3%D9%8A%D8%B1%D9%8A
Frame ID: 8329ADAC24B17D35A5368DE88687D84E
Requests: 22 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /^WordPress ?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
  • meta generator /^WordPress ?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • meta generator /^WordPress ?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 75 %
Domains: 11
Subdomains: 12
IPs: 12
Countries: 4
Transfer: 328 kB
Size: 806 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://archive.org/download/duaa01/duaa01.mp3 HTTP 302
  • https://ia802901.us.archive.org/32/items/duaa01/duaa01.mp3

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request u.php
visa-ww.com/ramadan21/
16 KB
4 KB
Document
General
Full URL
https://visa-ww.com/ramadan21/u.php?n=%D9%81%D9%88%D8%B2%D9%8A%D9%87-%D8%B9%D8%B3%D9%8A%D8%B1%D9%8A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.29.123.36 , United States, ASN29802 (HVC-AS, US),
Reverse DNS
web1.dal.hostingserver123.com
Software
LiteSpeed / PHP/5.6.40
Resource Hash
1fba1a2c563ce67dd61ade00c7f4e0bcb6f4c0e82625dbd48f3b6cd1e3f25a98

Request headers

:method
GET
:authority
visa-ww.com
:scheme
https
:path
/ramadan21/u.php?n=%D9%81%D9%88%D8%B2%D9%8A%D9%87-%D8%B9%D8%B3%D9%8A%D8%B1%D9%8A
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by
PHP/5.6.40
content-type
text/html; charset=UTF-8
content-length
4085
content-encoding
br
vary
Accept-Encoding
date
Mon, 12 Apr 2021 11:12:26 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
al1.css
visa-ww.com/ramadan21/
26 KB
3 KB
Stylesheet
General
Full URL
https://visa-ww.com/ramadan21/al1.css
Requested by
Host: visa-ww.com
URL: https://visa-ww.com/ramadan21/u.php?n=%D9%81%D9%88%D8%B2%D9%8A%D9%87-%D8%B9%D8%B3%D9%8A%D8%B1%D9%8A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.29.123.36 , United States, ASN29802 (HVC-AS, US),
Reverse DNS
web1.dal.hostingserver123.com
Software
LiteSpeed /
Resource Hash
058d62b00cfa97994b0cfd3c6f48c9018337552bb8e9699a2691bd928626a0f1

Request headers

Referer
https://visa-ww.com/ramadan21/u.php?n=%D9%81%D9%88%D8%B2%D9%8A%D9%87-%D8%B9%D8%B3%D9%8A%D8%B1%D9%8A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 11:12:26 GMT
content-encoding
br
last-modified
Sat, 03 Apr 2021 15:00:38 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2925
expires
Mon, 19 Apr 2021 11:12:26 GMT
js
www.googletagmanager.com/gtag/
97 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-117448915-1
Requested by
Host: visa-ww.com
URL: https://visa-ww.com/ramadan21/u.php?n=%D9%81%D9%88%D8%B2%D9%8A%D9%87-%D8%B9%D8%B3%D9%8A%D8%B1%D9%8A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c56e221431e1d3a0c2b184d52e71ba80af8af515b383ceea39ec9e4f7ccd4ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://visa-ww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 11:12:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39120
x-xss-protection
0
last-modified
Mon, 12 Apr 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Apr 2021 11:12:26 GMT
js
www.googletagmanager.com/gtag/
97 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-111659760-1
Requested by
Host: visa-ww.com
URL: https://visa-ww.com/ramadan21/u.php?n=%D9%81%D9%88%D8%B2%D9%8A%D9%87-%D8%B9%D8%B3%D9%8A%D8%B1%D9%8A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
82cf082dcb1b10a8216589536da59696176622843aced12214ab52a8621f1f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://visa-ww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 11:12:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39118
x-xss-protection
0
last-modified
Mon, 12 Apr 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Apr 2021 11:12:26 GMT
firebase-app.js
www.gstatic.com/firebasejs/5.1.0/
34 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/5.1.0/firebase-app.js
Requested by
Host: visa-ww.com
URL: https://visa-ww.com/ramadan21/u.php?n=%D9%81%D9%88%D8%B2%D9%8A%D9%87-%D8%B9%D8%B3%D9%8A%D8%B1%D9%8A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
494a12276e0c065aa08a8cb2f840f9e51b4a64019786b5f0b31c34392a9ca179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://visa-ww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 21:09:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Jun 2018 18:29:07 GMT
server
sffe
age
50605
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12418
x-xss-protection
0
expires
Mon, 11 Apr 2022 21:09:01 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.1.0/
35 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/5.1.0/firebase-messaging.js
Requested by
Host: visa-ww.com
URL: https://visa-ww.com/ramadan21/u.php?n=%D9%81%D9%88%D8%B2%D9%8A%D9%87-%D8%B9%D8%B3%D9%8A%D8%B1%D9%8A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
246fef45b3c78c283fb603de040c9263bbb48532dcb057d4045a790b1b149318
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://visa-ww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 06:27:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Jun 2018 18:29:07 GMT
server
sffe
age
535480
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10046
x-xss-protection
0
expires
Wed, 06 Apr 2022 06:27:46 GMT
jquery-3.2.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: visa-ww.com
URL: https://visa-ww.com/ramadan21/u.php?n=%D9%81%D9%88%D8%B2%D9%8A%D9%87-%D8%B9%D8%B3%D9%8A%D8%B1%D9%8A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
https://visa-ww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 11:12:26 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2017 19:01:15 GMT
server
nginx
etag
W/"58d026fb-15283"
vary
Accept-Encoding
x-hw
1618225946.dop161.fr8.t,1618225946.cds236.fr8.hn,1618225946.cds133.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30125
%25D8%25B1%25D9%2585%25D8%25B6%25D8%25A7%25D9%25862021.png
1.bp.blogspot.com/-ZuN9l0g0pEY/YEarrAZEaVI/AAAAAAAAHXQ/VoQxAGw7vcsirzdPYWK7SbwLYSjOzmynQCLcBGAsYHQ/s0/
85 KB
86 KB
Image
General
Full URL
https://1.bp.blogspot.com/-ZuN9l0g0pEY/YEarrAZEaVI/AAAAAAAAHXQ/VoQxAGw7vcsirzdPYWK7SbwLYSjOzmynQCLcBGAsYHQ/s0/%25D8%25B1%25D9%2585%25D8%25B6%25D8%25A7%25D9%25862021.png
Requested by
Host: visa-ww.com
URL: https://visa-ww.com/ramadan21/u.php?n=%D9%81%D9%88%D8%B2%D9%8A%D9%87-%D8%B9%D8%B3%D9%8A%D8%B1%D9%8A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
77c680598eef95a64148b1380ae3f6be769fe6b300dd1e6e1e55e540d535d514
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://visa-ww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 08:04:43 GMT
x-content-type-options
nosniff
age
11263
content-disposition
inline;filename="_____2021.png";filename*=UTF-8''%D8%B1%D9%85%D8%B6%D8%A7%D9%862021.png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87334
x-xss-protection
0
server
fife
etag
"v1d75"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 10 Apr 2021 19:33:56 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117448915-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://visa-ww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
4850
date
Mon, 12 Apr 2021 09:51:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Mon, 12 Apr 2021 11:51:36 GMT
js
www.googletagmanager.com/gtag/
97 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-111659760-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117448915-1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f7ecbb95561557b2e7860aa0190082891e6d0bdab345d578ae1ffd25d0ed503f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://visa-ww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 11:12:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39175
x-xss-protection
0
last-modified
Mon, 12 Apr 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Apr 2021 11:12:26 GMT
foxpush_SDK_min.js
cdn.foxpush.net/sdk/
39 KB
10 KB
Script
General
Full URL
https://cdn.foxpush.net/sdk/foxpush_SDK_min.js
Requested by
Host: visa-ww.com
URL: https://visa-ww.com/ramadan21/u.php?n=%D9%81%D9%88%D8%B2%D9%8A%D9%87-%D8%B9%D8%B3%D9%8A%D8%B1%D9%8A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:523e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad2faba0979be29c89b8d08ef63c816e10a6a144e28099bec603f516c795ea29

Request headers

Referer
https://visa-ww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 11:12:26 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09676178fd00004d8aea2a4000000001
last-modified
Wed, 20 Jan 2021 19:30:29 GMT
server
cloudflare
etag
W/"9d36-1772146e39a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B9P1aS3E3hX0TjM690Q%2B2x5ZjsGIPOy3OV2e13kih4AFgOznzcdlIAQN7rsdyy18bIR5PVkdgQcQ9NcxlpCW%2F4GNZgnXqin%2BwiIUc1NmLnPHYvC0wIbkGJuIibg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
63ec0507ff164d8a-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
bk1.gif
dvtfi1waop8i2.cloudfront.net/hsds/
18 KB
19 KB
Image
General
Full URL
https://dvtfi1waop8i2.cloudfront.net/hsds/bk1.gif
Requested by
Host: visa-ww.com
URL: https://visa-ww.com/ramadan21/al1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ee00:1:606d:d280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
040d5e5c453762e9b47c097f3d4140fd63c15bf92301415c2a77ccc9387380eb

Request headers

Referer
https://visa-ww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:35:09 GMT
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
last-modified
Wed, 26 Dec 2018 06:51:36 GMT
server
AmazonS3
age
5031438
etag
"8d984e311fb9f97875d613a230b06a03"
x-cache
Hit from cloudfront
x-amz-version-id
null
cache-control
max-age=63072000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/gif
content-length
18701
x-amz-cf-id
hfQkJO3iaWE20lNg-aN1AbF-LeZuCiCZUU4Si15Jln0pATluDZeUkw==
bk3.gif
dvtfi1waop8i2.cloudfront.net/hsds/
2 KB
2 KB
Image
General
Full URL
https://dvtfi1waop8i2.cloudfront.net/hsds/bk3.gif
Requested by
Host: visa-ww.com
URL: https://visa-ww.com/ramadan21/al1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ee00:1:606d:d280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
51707e663dd3c32c26e1e5fc53a23b9b635cc0d1131ada8ae0a888cc5879223a

Request headers

Referer
https://visa-ww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 04:48:13 GMT
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
last-modified
Wed, 26 Dec 2018 06:51:36 GMT
server
AmazonS3
age
5552654
etag
"ad2b1ec7d4fe26d65b6c60f2cd8b2281"
x-cache
Hit from cloudfront
x-amz-version-id
null
cache-control
max-age=63072000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/gif
content-length
1882
x-amz-cf-id
e1INEE_erXhsoCRQWsVPpjdZ2IPJFJ2-kkPCGp9LtDNuR5gPTCFfcA==
bb.jpg
dvtfi1waop8i2.cloudfront.net/hsds/
14 KB
15 KB
Image
General
Full URL
https://dvtfi1waop8i2.cloudfront.net/hsds/bb.jpg
Requested by
Host: visa-ww.com
URL: https://visa-ww.com/ramadan21/al1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ee00:1:606d:d280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b91c6b5d726b5b5af2ee9577083dec0b390b66497833837907c54891cde0cdd2

Request headers

Referer
https://visa-ww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 16:08:20 GMT
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
last-modified
Wed, 26 Dec 2018 06:51:36 GMT
server
AmazonS3
age
5857447
etag
"7c875e0bce052b3df88e12dddec6c819"
x-cache
Hit from cloudfront
x-amz-version-id
null
cache-control
max-age=63072000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
14798
x-amz-cf-id
9IqySFJyMCnt8sbqByBLK4Cl01SItOeruxUEDMnGFT1XhRNggfKymA==
duaa01.mp3
ia802901.us.archive.org/32/items/duaa01/
Redirect Chain
  • https://archive.org/download/duaa01/duaa01.mp3
  • https://ia802901.us.archive.org/32/items/duaa01/duaa01.mp3
112 KB
0
Media
General
Full URL
https://ia802901.us.archive.org/32/items/duaa01/duaa01.mp3
Requested by
Host: visa-ww.com
URL: https://visa-ww.com/ramadan21/u.php?n=%D9%81%D9%88%D8%B2%D9%8A%D9%87-%D8%B9%D8%B3%D9%8A%D8%B1%D9%8A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.241.233.51 San Francisco, United States, ASN7941 (INTERNET-ARCHIVE, US),
Reverse DNS
ia802901.us.archive.org
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

Referer
https://visa-ww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 11:12:27 GMT
last-modified
Fri, 17 Apr 2020 12:23:18 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-origin
*
etag
"5e999fb6-4d6254"
strict-transport-security
max-age=15724800
content-type
audio/mpeg
Content-Range
bytes 0-5071443/5071444
cache-control
max-age=21600
Content-Length
5071444
expires
Mon, 12 Apr 2021 17:12:27 GMT

Redirect headers

date
Mon, 12 Apr 2021 11:12:27 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx/1.16.1 (Ubuntu)
location
https://ia802901.us.archive.org/32/items/duaa01/duaa01.mp3
strict-transport-security
max-age=15724800
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
accept-ranges
bytes
truncated
/
177 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6fead81d343f693107904c5577dfd9642bb6ec751e305860c940fdcb5e6c4ae8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
351 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c131a74d2f424e29ffb16d2b03fec20e3f0cae46c4f0aff594cdc8ade80c3ca

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
www.google-analytics.com/j/
2 B
27 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=137081165&t=pageview&_s=1&dl=https%3A%2F%2Fvisa-ww.com%2Framadan21%2Fu.php%3Fn%3D%25D9%2581%25D9%2588%25D8%25B2%25D9%258A%25D9%2587-%25D8%25B9%25D8%25B3%25D9%258A%25D8%25B1%25D9%258A&ul=en-us&de=UTF-8&dt=%D8%B3%D9%86%D8%A9%20%D9%87%D8%AC%D8%B1%D9%8A%D8%A9%20%D8%B3%D8%B9%D9%8A%D8%AF%D8%A9%201442&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1165096931&gjid=1331836676&cid=517793563.1618225947&tid=UA-117448915-1&_gid=815067154.1618225947&_r=1&gtm=2ou3v0&z=1514021168
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://visa-ww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 11:12:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://visa-ww.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
384 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=137081165&t=pageview&_s=1&dl=https%3A%2F%2Fvisa-ww.com%2Framadan21%2Fu.php%3Fn%3D%25D9%2581%25D9%2588%25D8%25B2%25D9%258A%25D9%2587-%25D8%25B9%25D8%25B3%25D9%258A%25D8%25B1%25D9%258A&ul=en-us&de=UTF-8&dt=%D8%B3%D9%86%D8%A9%20%D9%87%D8%AC%D8%B1%D9%8A%D8%A9%20%D8%B3%D8%B9%D9%8A%D8%AF%D8%A9%201442&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUABAAAAAC~&jid=168900404&gjid=829821557&cid=517793563.1618225947&tid=UA-111659760-1&_gid=815067154.1618225947&_r=1&gtm=2ou3v0&z=1443716481
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://visa-ww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 11:12:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://visa-ww.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
visa-wwcom.json
json.foxpush.com/
1 KB
1 KB
XHR
General
Full URL
https://json.foxpush.com/visa-wwcom.json?v=0.47985381047288556
Requested by
Host: cdn.foxpush.net
URL: https://cdn.foxpush.net/sdk/foxpush_SDK_min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e15788838772573c206e16e7bdda9de0a56cb935fb33265820bc7e58d2ba41bb

Request headers

Referer
https://visa-ww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 11:12:27 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-request-id
096761798000000621d31ac000000001
last-modified
Mon, 12 Apr 2021 01:14:50 GMT
server
cloudflare
etag
W/"521-178c3a54233"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sgHhzphRmk4s6MjcDtOQJTXdexiP7sRBvyzHv1UwUGftUCtlb5P4dBywyAwZwr2VfYoX8KdUxNM9QuxPX9lE%2F0rgxWmpUFX97YvmtgTPQz9IlvUaPztyqPM0RFMK"}],"max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
63ec0508cedb0621-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
collect
stats.g.doubleclick.net/j/
1 B
440 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-117448915-1&cid=517793563.1618225947&jid=1165096931&gjid=1331836676&_gid=815067154.1618225947&_u=IEBAAUAAAAAAAC~&z=302225200
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://visa-ww.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 12 Apr 2021 11:12:27 GMT
content-type
text/plain
access-control-allow-origin
https://visa-ww.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
364 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
223dbeaf95c21e29aad42c8656d9ad41dbe9497df36c95118158609625d95c53

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| google_tag_manager object| dataLayer function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga object| _foxpush object| core object| __core-js_shared__ object| firebase function| $ function| jQuery number| countDownDate number| x object| gaplugins object| gaGlobal object| gaData number| FOXPUSH_SDK_version object| foxpush_config boolean| foxpush_popup_allowed boolean| is_foxpush_frame_loaded object| _foxpush_object function| _foxpush_removeA function| _foxpush_check_segment function| _foxpush_local_segment function| _foxpush_subscribe function| _foxpush_unsubscribe undefined| foxpush_log undefined| obj object| foxpush_browser function| fox_appendHtml function| IsJsonString function| foxpsuh_blocked function| isFacebookApp function| foxpush_window function| hexToRgb function| _foxpush_querystring function| _foxpush_apply_page_rules string| eventMethod function| eventer string| messageEvent object| foxpush_request object| _foxpush_templates

4 Cookies

Domain/Path | Name | Value
.visa-ww.com/ | _gat_gtag_UA_117448915_1 | 1
.visa-ww.com/ | _gid | GA1.2.815067154.1618225947
.visa-ww.com/ | _gat_gtag_UA_111659760_1 | 1
.visa-ww.com/ | _ga | GA1.2.517793563.1618225947

1 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.foxpush.net/sdk/foxpush_SDK_min.js(Line 2)
Message:
%c Push notifications powered by: FoxPush.com background: #222; color: #bada55;font-size:20px;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
archive.org
cdn.foxpush.net
code.jquery.com
dvtfi1waop8i2.cloudfront.net
ia802901.us.archive.org
json.foxpush.com
stats.g.doubleclick.net
visa-ww.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
2001:4de0:ac18::1:a:3a
207.241.224.2
207.241.233.51
23.29.123.36
2600:9000:2182:ee00:1:606d:d280:21
2606:4700:20::ac43:4a0f
2606:4700:3036::6815:523e
2a00:1450:4001:808::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2008
2a00:1450:400c:c0b::9c