Submitted URL: http://www.sgexitpromos.com/
Effective URL: https://www.sgexitpromos.com/cgi-bin/wingame.pl
Submission: On January 21 via manual from SG — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 28 HTTP transactions. The main IP is 2606:4700::6812:446, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.sgexitpromos.com.
TLS certificate: Issued by R3 on December 30th 2022. Valid for: 3 months.
This is the only time www.sgexitpromos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address        AS Autonomous System
1          19        2606:4700::68...  13335 (CLOUDFLAR...)
           4         2a00:1450:400...  15169 (GOOGLE)
           4         2a00:1450:400...  15169 (GOOGLE)
           2         2a00:1450:400...  15169 (GOOGLE)
Total: 28 requests, 4 IPs

Requests  Apex Domain       Subdomains                               Transfer
19        sgexitpromos.com  www.sgexitpromos.com                     333 KB
6         gstatic.com       www.gstatic.com, fonts.gstatic.com       381 KB
4         google.com        www.google.com (Cisco Umbrella Rank: 2)  42 KB
Total: 28 requests, 3 apex domains

Requests  Domain                              Requested by
19        www.sgexitpromos.com (1 redirects)  www.sgexitpromos.com
4         www.gstatic.com                     www.google.com, www.gstatic.com
4         www.google.com                      www.sgexitpromos.com, www.gstatic.com, www.google.com
2         fonts.gstatic.com                   www.google.com
Total: 28 requests, 4 domains

This site contains links to these domains.

Domain
trk.adstrck123.com
Subject               Issuer      Validity                 Valid
www.sgexitpromos.com  R3          2022-12-30 - 2023-03-30  3 months
www.google.com        GTS CA 1C3  2023-01-02 - 2023-03-27  3 months
*.gstatic.com         GTS CA 1C3  2023-01-02 - 2023-03-27  3 months
*.google.com          GTS CA 1C3  2023-01-02 - 2023-03-27  3 months

This page contains 2 frames:

Primary Page: https://www.sgexitpromos.com/cgi-bin/wingame.pl
Frame ID: 5C998DBA940D23CD17088DC9FC0C9245
Requests: 20 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfS2M4UAAAAANvhMdSrwiszskPOLswFe-uHDE4g&co=aHR0cHM6Ly93d3cuc2dleGl0cHJvbW9zLmNvbTo0NDM.&hl=de&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=425l83lfusp8
Frame ID: A831B5A04412632D57A4942F5AB9EE24
Requests: 8 HTTP requests in this frame

Page Title

SG Exit Widget

Detected technologies

Overall confidence: 100%
Detected patterns
  • mootools.*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

28 Requests
100 % HTTPS
100 % IPv6
3 Domains
4 Subdomains
4 IPs
3 Countries
756 kB Transfer
1559 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.sgexitpromos.com/ HTTP 302
    https://www.sgexitpromos.com/cgi-bin/wingame.pl Page URL

28 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
Primary Request wingame.pl
www.sgexitpromos.com/cgi-bin/
Redirect Chain
  • http://www.sgexitpromos.com/
  • https://www.sgexitpromos.com/cgi-bin/wingame.pl?
42 KB
10 KB
Document
General
Full URL
https://www.sgexitpromos.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ce8709c64f28b9ac3c02bb01d0bbfb7fc376eeaa4972aba41ef2a2e0b2cfe4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
78d0cc2aeed4bb79-FRA
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 21 Jan 2023 14:39:08 GMT
server
cloudflare
strict-transport-security
max-age=31536000
x-firstpage
1
x-map-context
sg
x-page
reg_full
x-served-by
d-03

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
78d0cc2a6972bc01-FRA
Connection
keep-alive
Content-Type
text/html
Date
Sat, 21 Jan 2023 14:39:07 GMT
Location
https://www.sgexitpromos.com/cgi-bin/wingame.pl?
Server
cloudflare
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
URI
<https://www.sgexitpromos.com/cgi-bin/wingame.pl?>
X-Map-Context
sg
X-Served-By
d-02
default.css
www.sgexitpromos.com/_global/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.sgexitpromos.com/_global/css/default.css?2023-01-20.2
Requested by
Host: www.sgexitpromos.com
URL: https://www.sgexitpromos.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a211fa8cfb82dcb3b146a1b52b658cb54aab0e8643753a2ee4e91bbab7cea84d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sgexitpromos.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
d-04
date
Sat, 21 Jan 2023 14:39:08 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 18 Feb 2019 07:52:24 GMT
server
cloudflare
x-map-context
sg
etag
W/"5c6a6438-10e7"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=86400
cf-ray
78d0cc2e2ec4bb79-FRA
expires
Sun, 22 Jan 2023 14:39:08 GMT
font-awesome.min.css
www.sgexitpromos.com/_global/fonts/font-awesome-4.6.3/css/
28 KB
7 KB
Stylesheet
General
Full URL
https://www.sgexitpromos.com/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2023-01-20.2
Requested by
Host: www.sgexitpromos.com
URL: https://www.sgexitpromos.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2915756289e00f26ea66d2cfbdddb890bf2eaed1823e2d4b5855f49eea567064
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sgexitpromos.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
d-01
date
Sat, 21 Jan 2023 14:39:08 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 18 Aug 2016 09:52:51 GMT
server
cloudflare
x-map-context
sg
etag
W/"57b58573-71c7"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=86400
cf-ray
78d0cc2e2ec9bb79-FRA
expires
Sun, 22 Jan 2023 14:39:08 GMT
series.css
www.sgexitpromos.com/_global/wingame/66/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://www.sgexitpromos.com/_global/wingame/66/css/series.css?2023-01-20.2
Requested by
Host: www.sgexitpromos.com
URL: https://www.sgexitpromos.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48ab120aeb349fd3e582a7313d4a1812a565853ee8dc522a304eafa0727bc53a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sgexitpromos.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
d-04
date
Sat, 21 Jan 2023 14:39:09 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 11 Dec 2018 14:32:52 GMT
server
cloudflare
x-map-context
sg
etag
W/"5c0fca94-2fe6"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=86400
cf-ray
78d0cc2e2ecabb79-FRA
expires
Sun, 22 Jan 2023 14:39:09 GMT
sweepstake.css
www.sgexitpromos.com/wingame/48/css/
12 KB
2 KB
Stylesheet
General
Full URL
https://www.sgexitpromos.com/wingame/48/css/sweepstake.css?2023-01-20.2
Requested by
Host: www.sgexitpromos.com
URL: https://www.sgexitpromos.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b8ae29a008c84822d2090e225f1b1cc626fbafce58513db8174434dc3909d49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sgexitpromos.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
d-04
date
Sat, 21 Jan 2023 14:39:08 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 09 Jan 2023 01:10:33 GMT
server
cloudflare
x-map-context
sg
etag
W/"63bb6989-30a1"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=86400
cf-ray
78d0cc2e2eccbb79-FRA
expires
Sun, 22 Jan 2023 14:39:08 GMT
MooTools-Core-1.6.0-compressed.js
www.sgexitpromos.com/_global/js/framework/
88 KB
28 KB
Script
General
Full URL
https://www.sgexitpromos.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2023-01-20.2
Requested by
Host: www.sgexitpromos.com
URL: https://www.sgexitpromos.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be0e66141e099739e90785e74a75e7aba4a5a3aa36c414e867c41f0ced9b0a36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sgexitpromos.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
d-02
date
Sat, 21 Jan 2023 14:39:08 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 10 Nov 2017 11:48:17 GMT
server
cloudflare
x-map-context
sg
etag
W/"5a059201-15e64"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
78d0cc2e2ecdbb79-FRA
expires
Sun, 22 Jan 2023 14:39:08 GMT
moolidator.js
www.sgexitpromos.com/_global/js/
42 KB
7 KB
Script
General
Full URL
https://www.sgexitpromos.com/_global/js/moolidator.js?2023-01-20.2
Requested by
Host: www.sgexitpromos.com
URL: https://www.sgexitpromos.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
142ba1bcb42432325ecf1c28ea83919ed1d6d686493fb035921e45e07ec7a430
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sgexitpromos.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
d-02
date
Sat, 21 Jan 2023 14:39:08 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 16 Jan 2023 09:24:19 GMT
server
cloudflare
x-map-context
sg
etag
W/"63c517c3-a7ca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
78d0cc2e2ed1bb79-FRA
expires
Sun, 22 Jan 2023 14:39:08 GMT
moolidator_rules.js
www.sgexitpromos.com/_global/js/
26 KB
3 KB
Script
General
Full URL
https://www.sgexitpromos.com/_global/js/moolidator_rules.js?2023-01-20.2
Requested by
Host: www.sgexitpromos.com
URL: https://www.sgexitpromos.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85025e20eecb98cd15465487858233f6e7295423eef2317bc6e5a1f959fcdab0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sgexitpromos.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
d-03
date
Sat, 21 Jan 2023 14:39:08 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 03 Nov 2022 08:50:35 GMT
server
cloudflare
x-map-context
sg
etag
W/"636380db-6836"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
78d0cc2e2ed3bb79-FRA
expires
Sun, 22 Jan 2023 14:39:08 GMT
scripts.js
www.sgexitpromos.com/_global/js/
55 KB
13 KB
Script
General
Full URL
https://www.sgexitpromos.com/_global/js/scripts.js?2023-01-20.2
Requested by
Host: www.sgexitpromos.com
URL: https://www.sgexitpromos.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0277c1245f8103772c6a4a0a401df99e3bf8de48b79d3fc7689106759b80070a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sgexitpromos.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
d-03
date
Sat, 21 Jan 2023 14:39:08 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 21 Jul 2022 07:31:48 GMT
server
cloudflare
x-map-context
sg
etag
W/"62d900e4-dd9a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
78d0cc2e2ed5bb79-FRA
expires
Sun, 22 Jan 2023 14:39:08 GMT
global.js
www.sgexitpromos.com/wingame/global/js/
495 B
412 B
Script
General
Full URL
https://www.sgexitpromos.com/wingame/global/js/global.js?2023-01-20.2
Requested by
Host: www.sgexitpromos.com
URL: https://www.sgexitpromos.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41c9ca1210a14096e9078bd3d713390d07e5efb4bdd433f839dee3b0f0c25d61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sgexitpromos.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
d-04
date
Sat, 21 Jan 2023 14:39:08 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 19 May 2020 09:57:38 GMT
server
cloudflare
x-map-context
sg
etag
W/"5ec3ad92-1ef"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
78d0cc2e2ed7bb79-FRA
expires
Sun, 22 Jan 2023 14:39:08 GMT
series.js
www.sgexitpromos.com/_global/wingame/66/js/
11 KB
3 KB
Script
General
Full URL
https://www.sgexitpromos.com/_global/wingame/66/js/series.js?2023-01-20.2
Requested by
Host: www.sgexitpromos.com
URL: https://www.sgexitpromos.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb3a393e3b81bd5523add3d4372de2343f6f1f0610bae54ee7b13bae6266ec93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sgexitpromos.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
d-03
date
Sat, 21 Jan 2023 14:39:08 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 19 Nov 2020 08:59:42 GMT
server
cloudflare
x-map-context
sg
etag
W/"5fb633fe-2a6c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
78d0cc2e2ed8bb79-FRA
expires
Sun, 22 Jan 2023 14:39:08 GMT
sweepstake.js
www.sgexitpromos.com/wingame/48/js/
6 KB
2 KB
Script
General
Full URL
https://www.sgexitpromos.com/wingame/48/js/sweepstake.js?2023-01-20.2
Requested by
Host: www.sgexitpromos.com
URL: https://www.sgexitpromos.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f20285bd92ce5eb1c5949bab45cea9405b93796354ed64d381ea0482610bcd63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sgexitpromos.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
d-01
date
Sat, 21 Jan 2023 14:39:08 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 17 Jan 2023 08:03:07 GMT
server
cloudflare
x-map-context
sg
etag
W/"63c6563b-182b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
78d0cc2e3eebbb79-FRA
expires
Sun, 22 Jan 2023 14:39:08 GMT
streetfill_mooli_lite.js
www.sgexitpromos.com/wingame/global/js/
6 KB
2 KB
Script
General
Full URL
https://www.sgexitpromos.com/wingame/global/js/streetfill_mooli_lite.js
Requested by
Host: www.sgexitpromos.com
URL: https://www.sgexitpromos.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9db72d714c9d24fcc5a807dc7db39d92fbd4ba81ab795c635d0e61956497eca4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sgexitpromos.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
d-03
date
Sat, 21 Jan 2023 14:39:08 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 04 May 2020 09:08:58 GMT
server
cloudflare
x-map-context
sg
etag
W/"5eafdbaa-1914"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
78d0cc2e3eefbb79-FRA
expires
Sun, 22 Jan 2023 14:39:08 GMT
api.js
www.google.com/recaptcha/
944 B
1019 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=recaptchaCallBack&render=6LfS2M4UAAAAANvhMdSrwiszskPOLswFe-uHDE4g
Requested by
Host: www.sgexitpromos.com
URL: https://www.sgexitpromos.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2fa9aa081f9480501867d021a53681955ba1cf050f307a8eeb59032588aeb023
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sgexitpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 14:39:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
606
x-xss-protection
1; mode=block
expires
Sat, 21 Jan 2023 14:39:08 GMT
201822044313_50x50_scootlogo3.png
www.sgexitpromos.com/_static/_webupload/
3 KB
3 KB
Image
General
Full URL
https://www.sgexitpromos.com/_static/_webupload/201822044313_50x50_scootlogo3.png
Requested by
Host: www.sgexitpromos.com
URL: https://www.sgexitpromos.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6524f7a99f239fa77fa985475b792839954bfbd0d71c6e1578a51dc84d7a0cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sgexitpromos.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 14:39:09 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
last-modified
Tue, 20 Dec 2022 06:23:20 GMT
server
cloudflare
etag
"730808169"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78d0cc34efbcbb79-FRA
content-length
3194
expires
Sun, 22 Jan 2023 14:39:09 GMT
Montserrat-Bold.woff2
www.sgexitpromos.com/_static/_global/_supload/fonts/
87 KB
87 KB
Font
General
Full URL
https://www.sgexitpromos.com/_static/_global/_supload/fonts/Montserrat-Bold.woff2
Requested by
Host: www.sgexitpromos.com
URL: https://www.sgexitpromos.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e2ac34e292b6f15c645dc4e756f01a452cf63dc0817301ad34b1c9bc6a0afa3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.sgexitpromos.com/cgi-bin/wingame.pl?
Origin
https://www.sgexitpromos.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 14:39:09 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
last-modified
Thu, 24 Sep 2020 13:54:06 GMT
server
cloudflare
etag
"3432605846"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78d0cc34efbfbb79-FRA
content-length
88708
expires
Sun, 22 Jan 2023 14:39:09 GMT
Montserrat-Regular.woff2
www.sgexitpromos.com/_static/_global/_supload/fonts/
87 KB
87 KB
Font
General
Full URL
https://www.sgexitpromos.com/_static/_global/_supload/fonts/Montserrat-Regular.woff2
Requested by
Host: www.sgexitpromos.com
URL: https://www.sgexitpromos.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e617708035d1a5f61ca23a9efcaa30f7b65649b560a3dd7477282230a8840879
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.sgexitpromos.com/cgi-bin/wingame.pl?
Origin
https://www.sgexitpromos.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 14:39:09 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
last-modified
Thu, 24 Sep 2020 13:54:07 GMT
server
cloudflare
etag
"1414937668"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78d0cc34efc3bb79-FRA
content-length
88804
expires
Sun, 22 Jan 2023 14:39:09 GMT
fontawesome-webfont.woff2
www.sgexitpromos.com/_global/fonts/font-awesome-4.6.3/fonts/
70 KB
70 KB
Font
General
Full URL
https://www.sgexitpromos.com/_global/fonts/font-awesome-4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.sgexitpromos.com
URL: https://www.sgexitpromos.com/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2023-01-20.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.sgexitpromos.com/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2023-01-20.2
Origin
https://www.sgexitpromos.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
d-02
date
Sat, 21 Jan 2023 14:39:09 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
last-modified
Thu, 18 Aug 2016 09:52:51 GMT
server
cloudflare
x-map-context
sg
etag
"57b58573-118d8"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78d0cc34efc4bb79-FRA
content-length
71896
expires
Sun, 22 Jan 2023 14:39:09 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/
404 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaCallBack&render=6LfS2M4UAAAAANvhMdSrwiszskPOLswFe-uHDE4g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11401b059365dd387ba607aa55ca532d326d764253ea85de141a4423cedfef27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sgexitpromos.com/
Origin
https://www.sgexitpromos.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 13:14:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
165715
x-xss-protection
0
last-modified
Mon, 16 Jan 2023 01:02:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 13:14:33 GMT
s5-bfp.js
www.sgexitpromos.com/_global/js/
12 KB
4 KB
Script
General
Full URL
https://www.sgexitpromos.com/_global/js/s5-bfp.js?634116609
Requested by
Host: www.sgexitpromos.com
URL: https://www.sgexitpromos.com/_global/js/scripts.js?2023-01-20.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82e17635bd84d9c2f72b3d9ae284d3e84d9d4c990faf27b3ddb4169229f0bcd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sgexitpromos.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
d-02
date
Sat, 21 Jan 2023 14:39:09 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 12 Mar 2020 13:46:39 GMT
server
cloudflare
x-map-context
sg
etag
W/"5e6a3d3f-2e71"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
78d0cc35386ebb79-FRA
expires
Sun, 22 Jan 2023 14:39:09 GMT
anchor
www.google.com/recaptcha/api2/ Frame A831
42 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfS2M4UAAAAANvhMdSrwiszskPOLswFe-uHDE4g&co=aHR0cHM6Ly93d3cuc2dleGl0cHJvbW9zLmNvbTo0NDM.&hl=de&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=425l83lfusp8
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8aa418854bd57b2a57e1d9e6addd32d6a23a191e1ea2d1ad953f041ab27ac7fc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VU_DYh7sBzIXsJCN4sb7iA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sgexitpromos.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22464
content-security-policy
script-src 'report-sample' 'nonce-VU_DYh7sBzIXsJCN4sb7iA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Jan 2023 14:39:09 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/ Frame A831
52 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfS2M4UAAAAANvhMdSrwiszskPOLswFe-uHDE4g&co=aHR0cHM6Ly93d3cuc2dleGl0cHJvbW9zLmNvbTo0NDM.&hl=de&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=425l83lfusp8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 15:02:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Mon, 16 Jan 2023 01:02:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Jan 2024 15:02:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/ Frame A831
404 KB
162 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfS2M4UAAAAANvhMdSrwiszskPOLswFe-uHDE4g&co=aHR0cHM6Ly93d3cuc2dleGl0cHJvbW9zLmNvbTo0NDM.&hl=de&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=425l83lfusp8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11401b059365dd387ba607aa55ca532d326d764253ea85de141a4423cedfef27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 13:14:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
165715
x-xss-protection
0
last-modified
Mon, 16 Jan 2023 01:02:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 13:14:33 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A831
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 18:59:47 GMT
x-content-type-options
nosniff
age
329962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 24 Jan 2023 18:59:47 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A831
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfS2M4UAAAAANvhMdSrwiszskPOLswFe-uHDE4g&co=aHR0cHM6Ly93d3cuc2dleGl0cHJvbW9zLmNvbTo0NDM.&hl=de&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=425l83lfusp8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:46:16 GMT
x-content-type-options
nosniff
age
179574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 12:46:16 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A831
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfS2M4UAAAAANvhMdSrwiszskPOLswFe-uHDE4g&co=aHR0cHM6Ly93d3cuc2dleGl0cHJvbW9zLmNvbTo0NDM.&hl=de&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=425l83lfusp8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 03:11:30 GMT
x-content-type-options
nosniff
age
127660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Jan 2024 03:11:30 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame A831
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Gg72x2_SHmxi8X0BLo33HMpr
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfS2M4UAAAAANvhMdSrwiszskPOLswFe-uHDE4g&co=aHR0cHM6Ly93d3cuc2dleGl0cHJvbW9zLmNvbTo0NDM.&hl=de&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=425l83lfusp8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1ae67606e11157c5c27a4406956bdaddf11f99e28343e5fed2a9469f3c649383
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfS2M4UAAAAANvhMdSrwiszskPOLswFe-uHDE4g&co=aHR0cHM6Ly93d3cuc2dleGl0cHJvbW9zLmNvbTo0NDM.&hl=de&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=425l83lfusp8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 14:39:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sat, 21 Jan 2023 14:39:09 GMT
reload
www.google.com/recaptcha/api2/ Frame A831
32 KB
18 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LfS2M4UAAAAANvhMdSrwiszskPOLswFe-uHDE4g
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
da919e1b86bae2fa116850a46a0127cfcc96111c7aeb1ff2bc7979748c280ab9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfS2M4UAAAAANvhMdSrwiszskPOLswFe-uHDE4g&co=aHR0cHM6Ly93d3cuc2dleGl0cHJvbW9zLmNvbTo0NDM.&hl=de&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=425l83lfusp8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sat, 21 Jan 2023 14:39:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18713
x-xss-protection
1; mode=block
expires
Sat, 21 Jan 2023 14:39:10 GMT

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontentvisibilityautostatechange string| rS string| rI string| pI function| IFrame function| Elements function| Cookie object| MooTools function| typeOf function| instanceOf function| Type object| Browser function| $constructor function| $family function| Class function| Chain function| Events function| Options object| Slick number| uniqueNumber function| $ function| getDocument function| getWindow function| $$ function| addListener function| removeListener function| retrieve function| store function| eliminate function| DOMEvent function| addEvent function| removeEvent function| addEvents function| removeEvents function| fireEvent function| cloneEvents function| getSize function| getScroll function| getScrollSize function| getPosition function| getCoordinates function| getHeight function| getWidth function| getScrollTop function| getScrollLeft function| getScrollHeight function| getScrollWidth function| getTop function| getLeft function| Fx string| user_device_type function| Moolidator_Lite object| moolidator_lite_rules object| mooli object| moolidator_lite_countries object| Maxlength_on_number_fields function| get_parameter function| popunder_on_submit boolean| popmaster function| localStorage_is_supported function| openWindow function| enableFields function| log_misc function| get_enc_type function| isIE object| scroll_into_view function| field_jumper function| backwards_button undefined| trackEvent function| goToNextPageByGoButton function| appendScript function| checkPerformanceEntries object| ab object| log string| page_id boolean| page_submitted undefined| copy undefined| client_pk undefined| email undefined| wingame_pk object| reg_full_survey function| iframe_selector function| open_iframe function| open_layer function| add_pop_iframe_closer_events function| is_partner_pk string| flow string| current_page function| enable_fields function| disable_fields function| validate_agb function| preselect_gender 
function| disable_valid_fields object| POPUNDER string| sponsor_switch string| sponsor_switch_wingame string| context function| Streetfill function| iframeLoaded function| Sponsorlist_sweepstake number| create_token_interval string| data_sitekey_v3_public string| recaptcha_action function| token_generator function| recaptchaCallBack undefined| dccBts undefined| hlrPingerEvent object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| slickid string| eventName function| p function| w object| m object| y object| e object| b object| z string| n boolean| A object| x function| forge_sha256 string| canvasData number| c2 number| c1 object| recaptcha object| closure_lm_877597

1 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09APOlobdBACT15SyerZPs7pmu-vzIYCAT77OqZytwUKSymP0zC1CeCLY9gmPLU-IaZC1rWs7ixvzE5v-VorU3TMI

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
