URL: https://claims.prolificworks.com/free/4eT3kp6g
Submission: On December 09 via api from IT — Scanned from IT

Summary

This website contacted 23 IPs in 5 countries across 18 domains to perform 40 HTTP transactions. The main IP is 34.204.230.160, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is claims.prolificworks.com.
TLS certificate: Issued by Amazon on May 15th 2022. Valid for: a year.
This is the only time claims.prolificworks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
4 | 34.204.230.160 | 14618 (AMAZON-AES)
1 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 199.232.196.249 | 54113 (FASTLY)
2 | 2a00:1450:400... | 15169 (GOOGLE)
3 | 2600:9000:20d... | 16509 (AMAZON-02)
1 | 2600:9000:238... | 16509 (AMAZON-02)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2001:4de0:ac1... | 20446 (STACKPATH...)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 142.250.186.98 | 15169 (GOOGLE)
1 | 2a03:2880:f02... | 32934 (FACEBOOK)
1 | 34.199.64.144 | 14618 (AMAZON-AES)
2 | 2a00:1450:400... | 15169 (GOOGLE)
3 | 2a00:1450:400... | 15169 (GOOGLE)
3 | 2a00:1450:400... | 15169 (GOOGLE)
4 | 2a03:2880:f14... | 32934 (FACEBOOK)
3 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2600:9000:211... | 16509 (AMAZON-02)
1 | 2600:1901:0:4... | 15169 (GOOGLE)
1 | 35.227.225.220 | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
Total: 40 requests, 23 IPs

Requests | Apex Domain | Subdomains | Transfer
5 | prolificworks.com | claims.prolificworks.com, auth.prolificworks.com | 208 KB
4 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 108) | 278 B
4 | cloudfront.net | d2h8whv6qid4qy.cloudfront.net, d2efb7hsma0m63.cloudfront.net | 310 KB
3 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 26) | 63 KB
3 | google.it | www.google.it (Cisco Umbrella Rank: 22553) | 675 B
3 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 675 B
3 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 34), stats.g.doubleclick.net (Cisco Umbrella Rank: 74) | 3 KB
3 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 36), ajax.googleapis.com (Cisco Umbrella Rank: 300) | 31 KB
2 | customer.io | assets.customer.io (Cisco Umbrella Rank: 17219), track.customer.io (Cisco Umbrella Rank: 14465) | 3 KB
2 | bootstrapcdn.com | netdna.bootstrapcdn.com (Cisco Umbrella Rank: 2772) | 30 KB
1 | mxpnl.com | cdn.mxpnl.com (Cisco Umbrella Rank: 3151) | 18 KB
1 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 146) | 3 KB
1 | googleadservices.com | www.googleadservices.com (Cisco Umbrella Rank: 159) | 17 KB
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 206) | 2 KB
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 679) | 122 KB
1 | fastly.net | brick.a.ssl.fastly.net (Cisco Umbrella Rank: 134495) | 804 B
1 | fontawesome.com | pro.fontawesome.com (Cisco Umbrella Rank: 4852) | 12 KB
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 47) | 52 KB
Total: 40 requests, 18 domains

Requests | Domain | Requested by
4 | www.facebook.com | claims.prolificworks.com
4 | claims.prolificworks.com | claims.prolificworks.com
3 | www.google-analytics.com | claims.prolificworks.com, www.google-analytics.com
3 | www.google.it | claims.prolificworks.com
3 | www.google.com | claims.prolificworks.com
3 | d2h8whv6qid4qy.cloudfront.net | claims.prolificworks.com
2 | googleads.g.doubleclick.net | www.googletagmanager.com, www.googleadservices.com
2 | fonts.googleapis.com | claims.prolificworks.com
2 | netdna.bootstrapcdn.com | claims.prolificworks.com
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | track.customer.io |
1 | cdn.mxpnl.com | claims.prolificworks.com
1 | assets.customer.io | claims.prolificworks.com
1 | auth.prolificworks.com | claims.prolificworks.com
1 | connect.facebook.net | claims.prolificworks.com
1 | www.googleadservices.com | claims.prolificworks.com
1 | cdnjs.cloudflare.com | claims.prolificworks.com
1 | code.jquery.com | claims.prolificworks.com
1 | ajax.googleapis.com | claims.prolificworks.com
1 | d2efb7hsma0m63.cloudfront.net | claims.prolificworks.com
1 | brick.a.ssl.fastly.net | claims.prolificworks.com
1 | pro.fontawesome.com | claims.prolificworks.com
1 | www.googletagmanager.com | claims.prolificworks.com
Total: 40 requests, 23 subdomains

This site contains links to these domains.

Domain
auth.prolificworks.com
www.prolificworks.com
support.prolificworks.com

Subject | Issuer | Validity | Valid
*.prolificworks.com | Amazon | 2022-05-15 - 2023-06-13 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-01-29 - 2023-01-29 | a year
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-22 - 2023-12-23 | a year
default.ssl.fastly.net | GlobalSign RSA OV SSL CA 2018 | 2022-11-18 - 2023-12-20 | a year
upload.video.google.com | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year
www.googleadservices.com | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-09-17 - 2022-12-16 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
www.google.com | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
*.google.it | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
*.google.com | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
*.customer.io | Amazon | 2022-11-19 - 2023-12-17 | a year
*.mxpnl.com | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2022-07-11 - 2023-07-28 | a year
api.customer.io | GTS CA 1D4 | 2022-11-16 - 2023-02-14 | 3 months

This page contains 2 frames:

Primary Page: https://claims.prolificworks.com/free/4eT3kp6g
Frame ID: 42299389D418C2D54D490CE04BEA6328
Requests: 39 HTTP requests in this frame

Frame: https://auth.prolificworks.com/login?redirect=https://claims.prolificworks.com/free/4eT3kp6g
Frame ID: 70F79FED901BA2C1B0177F0B59052408
Requests: 1 HTTP requests in this frame

Page Title

Prolific Works - Claim a free copy of Silvertroll

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

Requests: 40
HTTPS: 100 %
IPv6: 78 %
Domains: 18
Subdomains: 23
IPs: 23
Countries: 5
Transfer: 877 kB
Size: 1746 kB
Cookies: 11

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 4eT3kp6g
claims.prolificworks.com/free/
23 KB
8 KB
Document
General
Full URL
https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.230.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-230-160.compute-1.amazonaws.com
Software
nginx / PHP/7.1.33
Resource Hash
acf0331606b36c094aa0915ae08c34a59a955bf658474554a5c0f011d2482c2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 09 Dec 2022 09:52:00 GMT
server
nginx
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.1.33
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/
135 KB
52 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-879692522
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aeb490bd34f97903d531013ef6473ffbe7b05192402ce5a333cdef9d619677ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:52:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52882
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 09 Dec 2022 09:52:00 GMT
bootstrap.min.css
netdna.bootstrapcdn.com/bootstrap/3.3.6/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://netdna.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:52:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
601, 617, 617
age
19892263
cdn-cachedat
2021-04-23 05:19:26
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
16dd4168f684b043cde9b3d2cd85b3a0
timing-allow-origin
*
cdn-requestcountrycode
EG
cf-ray
776cd8722b443756-MXP
cdn-requestpullsuccess
True
all.css
pro.fontawesome.com/releases/v5.2.0/css/
59 KB
12 KB
Stylesheet
General
Full URL
https://pro.fontawesome.com/releases/v5.2.0/css/all.css
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d55e3385a8c2063d4b0f3a88c1acd01173f86009702067790613a08e55d7597f

Request headers

Referer
https://claims.prolificworks.com/
Origin
https://claims.prolificworks.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:52:00 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
SW2308GC127X61EX
age
1217020
x-amz-id-2
mPNSyN2IhjdreTlPfPXv8r3pFWyP+B8CVbAbIFbgEGBKwrIK6ID9cv1n1MhnbvAKMmtZtl6Q1gE=
last-modified
Mon, 28 Jun 2021 17:23:20 GMT
server
cloudflare
etag
W/"5cf28d1228ccc67eef7ef1d2e4666093"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
text/css
cache-control
max-age=31556926
cf-ray
776cd8723992bb1a-MXP
Montserrat:100,200,300,400,500,600,700,800,900
brick.a.ssl.fastly.net/
2 KB
804 B
Stylesheet
General
Full URL
https://brick.a.ssl.fastly.net/Montserrat:100,200,300,400,500,600,700,800,900
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Brick /
Resource Hash
ff4383e0057277b1306af046743cfc4e36c8d6bd40b66c1b6ad09de0b41183f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Expires
Fri, 09 Dec 2022 20:32:15 UTC
Date
Fri, 09 Dec 2022 09:52:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Via
1.1 varnish
Age
2589585
X-Cache
HIT
Connection
keep-alive
Content-Length
256
X-Served-By
cache-mxp6954-MXP
Pragma
Public
Last-Modified
Sun, 10 Jun 2018 00:27:42 UTC
Server
Brick
X-Timer
S1670579520.353639,VS0,VE9
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2628000
Accept-Ranges
bytes
X-Cache-Hits
1
icon
fonts.googleapis.com/
569 B
869 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 09 Dec 2022 09:52:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 09:52:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Dec 2022 09:52:00 GMT
css
fonts.googleapis.com/
3 KB
582 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display:400,700
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
73d2d9664745fbb23bc1ec6e64d7c74a173c9a08f4f7be614b3a9f5c434b14a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 09 Dec 2022 09:52:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 08:41:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Dec 2022 09:52:00 GMT
style.css
claims.prolificworks.com/css/
8 KB
8 KB
Stylesheet
General
Full URL
https://claims.prolificworks.com/css/style.css?id=95ea1088d4a038ae92e0
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.230.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-230-160.compute-1.amazonaws.com
Software
nginx /
Resource Hash
aa1fdd1c415409714e2bf4c20e8fdf62aa97b694a2877a19a486e47e9f11fc8f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/free/4eT3kp6g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/css
date
Fri, 09 Dec 2022 09:52:00 GMT
cache-control
max-age=315360000, public
server
nginx
accept-ranges
bytes
content-length
7921
expires
Thu, 31 Dec 2037 23:55:55 GMT
pw_logo_white.png
d2h8whv6qid4qy.cloudfront.net/images/
24 KB
24 KB
Image
General
Full URL
https://d2h8whv6qid4qy.cloudfront.net/images/pw_logo_white.png
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:e00:1a:e01c:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
719646a2fe102c52c9eeae45b0f87b4c3b3d5af569637b77ec370b6a5996a9c8

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
svMXEadVW2krPhv4eNE_4NMkAZGLeaJI
date
Thu, 08 Dec 2022 09:57:13 GMT
via
1.1 996a6dcadb486dbb9da5040a9ab13af2.cloudfront.net (CloudFront)
last-modified
Thu, 13 Sep 2018 01:17:57 GMT
server
AmazonS3
x-amz-cf-pop
ZAG50-C1
age
86088
etag
"00345fd0ee6ab6432fce5aef6a367ebf"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
24617
x-amz-cf-id
npLTTdasnPe-OmXqt9bgacb3aPOsTdhFvqjXug8tQmlAATdBAZkEPA==
b89643703f6b8214c6451a5f6e43b660.jpg
d2efb7hsma0m63.cloudfront.net/books/cover_images/
240 KB
241 KB
Image
General
Full URL
https://d2efb7hsma0m63.cloudfront.net/books/cover_images/b89643703f6b8214c6451a5f6e43b660.jpg
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:9400:1e:ad74:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fec96cff171fd3fbdcb23b896161fbf21f2de463ec576c64b602a592f268f0b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 19:54:51 GMT
x-amz-version-id
ly3p84ieLstDdFdyhC2Td4AY6oX93VQc
via
1.1 e086ec27af2d3105a1a9fa7efa1be454.cloudfront.net (CloudFront)
last-modified
Mon, 29 Aug 2022 02:07:33 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
50230
etag
"e65b0970c559c1f2ec4d88bf01d8719c"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
246234
x-amz-cf-id
E-w5b_EXrUULLMYdLaaNFxpB8zYo5oZydeo_vknNTEUDafWKKSm53A==
loading.gif
d2h8whv6qid4qy.cloudfront.net/images/
12 KB
12 KB
Image
General
Full URL
https://d2h8whv6qid4qy.cloudfront.net/images/loading.gif
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:e00:1a:e01c:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84b406766321ea33c5d3ab636d859909018e7e799ee0848bdb5fb578d8f4258a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
ZU3YNGadLqSb.XMsmtghLCKcNSgrh_oe
date
Fri, 09 Dec 2022 09:52:00 GMT
via
1.1 996a6dcadb486dbb9da5040a9ab13af2.cloudfront.net (CloudFront)
last-modified
Thu, 26 Apr 2018 15:10:42 GMT
server
AmazonS3
x-amz-cf-pop
ZAG50-C1
age
18933
etag
"e209fb51ce30b9ea682f561bc578bcb0"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
12068
x-amz-cf-id
7o5_4ApvzoMYmRxPotz1aoUwpQs3UCEERZCSLSu12YLOpEGJsRu-HQ==
pw_logo.png
d2h8whv6qid4qy.cloudfront.net/images/
32 KB
33 KB
Image
General
Full URL
https://d2h8whv6qid4qy.cloudfront.net/images/pw_logo.png
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:e00:1a:e01c:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75996792f3af31c3c9095f547a8a5194f1347307bb59907a58c1d51a61df29b0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
SYEqfkoGTOocRPEz29nF.89X5KD96WMs
date
Fri, 09 Dec 2022 06:01:29 GMT
via
1.1 996a6dcadb486dbb9da5040a9ab13af2.cloudfront.net (CloudFront)
last-modified
Thu, 13 Sep 2018 01:17:58 GMT
server
AmazonS3
x-amz-cf-pop
ZAG50-C1
age
13832
etag
"5e4c8831fd29ec6bc65f2995597bae06"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
33001
x-amz-cf-id
77GLXT0JRcw4Drq3qSPZAxscVmOkMQL0ADvLIQ3YxHT5m9nTIiY-mA==
generic.js
claims.prolificworks.com/js/
559 B
744 B
Script
General
Full URL
https://claims.prolificworks.com/js/generic.js?id=9e6a533cf3a311ee1e35
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.230.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-230-160.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f2f45c07144868e7a2c9a1909cdcf248713346f210a831d27469f774baaa9494

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/free/4eT3kp6g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
application/javascript; charset=utf-8
date
Fri, 09 Dec 2022 09:52:00 GMT
cache-control
max-age=315360000, public
server
nginx
accept-ranges
bytes
content-length
559
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.0.3/
82 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 06:23:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
358083
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29440
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 06:23:57 GMT
jquery-ui.js
code.jquery.com/ui/1.12.1/
509 KB
122 KB
Script
General
Full URL
https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:52:00 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-7f20a"
vary
Accept-Encoding
x-hw
1670579520.dop026.ml1.t,1670579520.cds007.ml1.hn,1670579520.cds208.ml1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
124434
bootstrap.min.js
netdna.bootstrapcdn.com/bootstrap/3.3.6/js/
36 KB
10 KB
Script
General
Full URL
https://netdna.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:52:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722, 617, 617, 617
age
9734594
cdn-cachedat
2021-07-24 16:51:28
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
3df76647e2d44865c33c1cc614af9e22
timing-allow-origin
*
cdn-requestcountrycode
EG
cdn-status
200
cf-ray
776cd872bc253756-MXP
cdn-requestpullsuccess
True
mailcheck.min.js
cdnjs.cloudflare.com/ajax/libs/mailcheck/1.1.2/
4 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mailcheck/1.1.2/mailcheck.min.js
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d18ac5282d49df88ec383df2ada07181527dd732e9e116fc373b52e9035957d0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:52:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
17074643
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1324
last-modified
Mon, 04 May 2020 16:12:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed4-e43"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLeG2Mr1AsKDykaWJypeU8OQhHZ8kmITVTN0as1A2aHHccNfCM2wohmpALtV675WTSkASUBQmV0TXPbh4Xo2L83iGdw6T7jOOBy62gHBePrNdvXlnCq2Hot0JTVliYAyuoa1XJjA2v%2B2Em1%2BpSv%2Fkw4h"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
776cd872ea723742-MXP
expires
Wed, 29 Nov 2023 09:52:00 GMT
conversion.js
www.googleadservices.com/pagead/
45 KB
17 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:52:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16823
x-xss-protection
0
server
cafe
etag
6351308751113588399
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 09 Dec 2022 09:52:00 GMT
fbds.js
connect.facebook.net/en_US/
4 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f028:100:face:b00c:0:3 Sofia, Bulgaria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
12ef0a4c233eba2547110a8494a0f0855c46895e870a64ac1e1e273a777f82a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 09 Dec 2022 09:52:00 GMT
content-md5
1qgGO+m3SMOqyUAPM6LJAg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2166
x-fb-rlafr
0
x-fb-debug
irPGKDg5xXGdPuqWbENGLVs/Pt0YBq1rFje1ctsextm14+qFyqqTBELDHrjJ0bNEP+V/Jo7G7Henpbut6hQLTA==
x-fb-trip-id
1460883810
x-fb-content-md5
fc06875c49255c2f210343ec489e1224
cross-origin-opener-policy
same-origin-allow-popups
etag
"f7d9b26dd02776eaa4393341624f340c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Fri, 09 Dec 2022 10:04:48 GMT
login
auth.prolificworks.com/ Frame 70F7
0
0
Document
General
Full URL
https://auth.prolificworks.com/login?redirect=https://claims.prolificworks.com/free/4eT3kp6g
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.64.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-64-144.compute-1.amazonaws.com
Software
nginx / PHP/7.1.33
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://claims.prolificworks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 09 Dec 2022 09:52:00 GMT
server
nginx
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.1.33
x-xss-protection
1; mode=block
analytics-if.js
claims.prolificworks.com/js/
191 KB
191 KB
Script
General
Full URL
https://claims.prolificworks.com/js/analytics-if.js?id=6fc6e9024d2a71c85c43
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.230.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-230-160.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0def456f59d355b935d7a5dd37fe57733cca80e8d132f05d52a9da9be571c44e

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/free/4eT3kp6g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
application/javascript; charset=utf-8
date
Fri, 09 Dec 2022 09:52:00 GMT
cache-control
max-age=315360000, public
server
nginx
accept-ranges
bytes
content-length
195619
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/879692522/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/879692522/?random=1670579520453&cv=11&fst=1670579520453&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fclaims.prolificworks.com%2Ffree%2F4eT3kp6g&tiba=Prolific%20Works%20-%20Claim%20a%20free%20copy%20of%20Silvertroll&auid=1083275151.1670579520&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-879692522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14e4d77893465a1e2ddcfa992ee54d5f2e05630d905a34ff4a78444436dd9e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Dec 2022 09:52:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
918
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/879692522/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/879692522/?random=1670579520453&cv=11&fst=1670576400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fclaims.prolificworks.com%2Ffree%2F4eT3kp6g&tiba=Prolific%20Works%20-%20Claim%20a%20free%20copy%20of%20Silvertroll&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=598528708&rmt_tld=0&ipr=y
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Dec 2022 09:52:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.it/pagead/1p-user-list/879692522/
42 B
548 B
Image
General
Full URL
https://www.google.it/pagead/1p-user-list/879692522/?random=1670579520453&cv=11&fst=1670576400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fclaims.prolificworks.com%2Ffree%2F4eT3kp6g&tiba=Prolific%20Works%20-%20Claim%20a%20free%20copy%20of%20Silvertroll&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=598528708&rmt_tld=1&ipr=y
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Dec 2022 09:52:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=628684477214271&ev=PixelInitialized&dl=https%3A%2F%2Fclaims.prolificworks.com%2Ffree%2F4eT3kp6g&rl=&if=false&ts=1670579520605
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 09 Dec 2022 09:52:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1488259234749612&ev=PixelInitialized&dl=https%3A%2F%2Fclaims.prolificworks.com%2Ffree%2F4eT3kp6g&rl=&if=false&ts=1670579520606
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 09 Dec 2022 09:52:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=628684477214271&ev=ViewBook&dl=https%3A%2F%2Fclaims.prolificworks.com%2Ffree%2F4eT3kp6g&rl=&if=false&ts=1670579520606&cd[if_book]=91889&cd[title]=Silvertroll&cd[if_author]=774
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 09 Dec 2022 09:52:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1488259234749612&ev=ViewBook&dl=https%3A%2F%2Fclaims.prolificworks.com%2Ffree%2F4eT3kp6g&rl=&if=false&ts=1670579520606&cd[if_book]=91889&cd[title]=Silvertroll&cd[if_author]=774
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 09 Dec 2022 09:52:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/972780603/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972780603/?random=1670579520612&cv=9&fst=1670579520612&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=title%3DSilvertroll%3Bif_book%3D91889%3Bif_author%3D774&frm=0&url=https%3A%2F%2Fclaims.prolificworks.com%2Ffree%2F4eT3kp6g&tiba=Prolific%20Works%20-%20Claim%20a%20free%20copy%20of%20Silvertroll&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f58e1c4a03562d7f58507655f42290f51ec754b08fc75cade3f3422af7e75bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Dec 2022 09:52:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1000
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/972780603/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/972780603/?random=1670579520612&cv=9&fst=1670576400000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=title%3DSilvertroll%3Bif_book%3D91889%3Bif_author%3D774&frm=0&url=https%3A%2F%2Fclaims.prolificworks.com%2Ffree%2F4eT3kp6g&tiba=Prolific%20Works%20-%20Claim%20a%20free%20copy%20of%20Silvertroll&fmt=3&is_vtc=1&random=3275443316&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Dec 2022 09:52:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.it/pagead/1p-user-list/972780603/
42 B
64 B
Image
General
Full URL
https://www.google.it/pagead/1p-user-list/972780603/?random=1670579520612&cv=9&fst=1670576400000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=title%3DSilvertroll%3Bif_book%3D91889%3Bif_author%3D774&frm=0&url=https%3A%2F%2Fclaims.prolificworks.com%2Ffree%2F4eT3kp6g&tiba=Prolific%20Works%20-%20Claim%20a%20free%20copy%20of%20Silvertroll&fmt=3&is_vtc=1&random=3275443316&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/free/4eT3kp6g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Dec 2022 09:52:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/js/analytics-if.js?id=6fc6e9024d2a71c85c43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 09 Dec 2022 09:15:46 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2175
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 09 Dec 2022 11:15:46 GMT
track.js
assets.customer.io/assets/
6 KB
3 KB
Script
General
Full URL
https://assets.customer.io/assets/track.js
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/js/analytics-if.js?id=6fc6e9024d2a71c85c43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a800:11:9cfd:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3068b3bae37281a1a70ec3c96b5c825d8c6a60b11eb367126a0e0da8fe7f148f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 19:01:52 GMT
content-encoding
gzip
via
1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
last-modified
Mon, 05 Dec 2022 19:01:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
53410
etag
W/"3268ca90bfd9ccfc196b319a5bef5cdd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
5QfvMaKb0Vp6f07d1SFHw7r1pTncDT1GBa5xoRTz1MDADno0zspXpA==
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/
50 KB
18 KB
Script
General
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: claims.prolificworks.com
URL: https://claims.prolificworks.com/js/analytics-if.js?id=6fc6e9024d2a71c85c43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:43:52 GMT
content-encoding
gzip
age
489
x-guploader-uploadid
ADPycdtu0jnSnejSqfGeHa0GEIUDRikPX3EtcIgUACFSkBR0J26afYBURzhZJ35jbLlkouQod_YbU803U35vUGRbdWK1EneS9mJk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17435
last-modified
Thu, 17 Feb 2022 20:21:50 GMT
server
UploadServer
etag
"caa762087e9d75cecc34b5d6626cb7b9"
vary
Accept-Encoding
x-goog-generation
1645129310876382
x-goog-hash
crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=600
x-goog-stored-content-length
17435
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 09 Dec 2022 09:53:52 GMT
js
www.google-analytics.com/gtm/
110 KB
43 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-TPGBSLP&cid=2041700560.1670579521
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
851466f2ce2b2d3c02c06afae7556824d4c3aa530f95d0a03d2f08551b547675
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:52:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44055
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 09 Dec 2022 09:52:01 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=279246447&t=pageview&_s=1&dl=https%3A%2F%2Fclaims.prolificworks.com%2Ffree%2F4eT3kp6g&dp=%2Ffree%2F4eT3kp6g&ul=en-us&de=UTF-8&dt=Prolific%20Works%20-%20Claim%20a%20free%20copy%20of%20Silvertroll&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEADQAAAACgCI~&jid=1862909716&gjid=1929771032&cid=2041700560.1670579521&tid=UA-47758815-1&_gid=1588741497.1670579521&_r=1&_slc=1&z=682786815
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://claims.prolificworks.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Dec 2022 09:52:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://claims.prolificworks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
page.gif
track.customer.io/events/
35 B
252 B
Image
General
Full URL
https://track.customer.io/events/page.gif?name=https%3A%2F%2Fclaims.prolificworks.com%2Ffree%2F4eT3kp6g&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&c=&s=d6c35532-6fb8-4df1-8bae-f2e645ca4a7f&site_id=cc41499cc6ce365abe21&timestamp=1670579521235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.225.220 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
220.225.227.35.bc.googleusercontent.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:52:01 GMT
via
1.1 google
content-type
image/gif
access-control-allow-origin
*
status
401 Unauthorized
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding
binary
content-disposition
attachment
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
collect
stats.g.doubleclick.net/j/
4 B
448 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-47758815-1&cid=2041700560.1670579521&jid=1862909716&gjid=1929771032&_gid=1588741497.1670579521&_u=aGBAAEACQAAAACgCI~&z=412714249
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://claims.prolificworks.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 09 Dec 2022 09:52:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://claims.prolificworks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47758815-1&cid=2041700560.1670579521&jid=1862909716&_u=aGBAAEACQAAAACgCI~&z=1698224924
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Dec 2022 09:52:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.it/ads/
42 B
63 B
Image
General
Full URL
https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47758815-1&cid=2041700560.1670579521&jid=1862909716&_u=aGBAAEACQAAAACgCI~&z=1698224924
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://claims.prolificworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Dec 2022 09:52:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange function| googletag object| dataLayer object| _fbq string| email_address string| email_suggestion number| no_recommend function| checkKindleAddress function| checkEmailErrors function| suggestEmail function| checkEmailValue function| submitClaim object| google_tag_params string| method object| analytics object| a string| view_path object| google_tag_manager object| google_tag_data object| GooglebQhCsO function| $ function| jQuery object| Mailcheck object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount 
object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments string| GoogleAnalyticsObject function| ga object| _cio object| mixpanel object| gaplugins object| gaGlobal object| gaData number| c_start object| google_optimize number| c_end

11 Cookies

Domain/Path Name / Value
.prolificworks.com/ Name: _gcl_au
Value: 1.1.1083275151.1670579520
.doubleclick.net/ Name: IDE
Value: AHWqTUmLFp2MuzvLNFIXcdyxMNPQt1liRZDgHFnOoYZvn3n2JXt9cU5O3Cr1lKei
.prolificworks.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IjZXcXNHT2Y5NFwvaTRVZ3ZWcjJcL2dPUT09IiwidmFsdWUiOiI4dnE0d2RwZnR6cFZQU3JKUU56bmtzeTJIMnFTNkdpTnRpMEJGT3d1cG5ON0Y5d2V2VDhPZU1OZHZQcG1OYWRkNkVodk5ZWVJlbDc1QTFmUVZsb241UT09IiwibWFjIjoiZjYwYzE0N2U2ZWVjMzFjYTlmMzE5Nzk0Nzg1MWIwMTdjMjczMjE0OGIzNGQ3NjkyZDc0Yjc5YmVhZmE2YWYxMCJ9
.prolificworks.com/ Name: sid
Value: eyJpdiI6ImY1TEVwMGlmWVNQTnlYU2VyUjYyXC93PT0iLCJ2YWx1ZSI6IkNxdm10SDBrczFuVXVRY1RJOFFYXC9xdlNHOU0xR3BvaVZjMVRoVWhaXC81MnJWTVRhMU1ocWN6Tmw3NzdwZnk5dThkdUdoXC95SnNlaVMxaGtmTVlDQmxnPT0iLCJtYWMiOiJlNjI1ODA5MjgwYzZhYjVjYWE0MDE0OTNlZjI5ZTk4N2RmYjdlY2FlYzIzMTkxMzc3ZTYzMGFlMzljYzMzZjM5In0%3D
.prolificworks.com/ Name: ajs_user_id
Value: null
.prolificworks.com/ Name: ajs_group_id
Value: null
.prolificworks.com/ Name: ajs_anonymous_id
Value: %22d6c35532-6fb8-4df1-8bae-f2e645ca4a7f%22
claims.prolificworks.com/ Name: mp_60e339024b7b56da9c46e99675550fb5_mixpanel
Value: %7B%22distinct_id%22%3A%20%22184f64c8605d82-02c42ab4fdfb8d-1b3b3a75-1d4c00-184f64c8606f8b%22%2C%22%24device_id%22%3A%20%22184f64c8605d82-02c42ab4fdfb8d-1b3b3a75-1d4c00-184f64c8606f8b%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.prolificworks.com/ Name: _ga
Value: GA1.2.2041700560.1670579521
.prolificworks.com/ Name: _gid
Value: GA1.2.1588741497.1670579521
.prolificworks.com/ Name: _gat
Value: 1

2 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://auth.prolificworks.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: https://track.customer.io/events/page.gif?name=https%3A%2F%2Fclaims.prolificworks.com%2Ffree%2F4eT3kp6g&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&c=&s=d6c35532-6fb8-4df1-8bae-f2e645ca4a7f&site_id=cc41499cc6ce365abe21&timestamp=1670579521235
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
