giveaway.gemctphoto.com Open in urlscan Pro
75.101.134.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://giveaway.gemctphoto.com/
Effective URL:
https://giveaway.gemctphoto.com/
Submission: On June 15 via api (June 15th 2024, 12:03:36 am UTC) from US — Scanned from DE

Summary HTTP 32 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 14 domains to perform 32 HTTP transactions. The main IP is 75.101.134.27, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is giveaway.gemctphoto.com.
TLS certificate: Issued by R10 on June 13th 2024. Valid for: 3 months.

This is the only time giveaway.gemctphoto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	75.101.134.27 75.101.134.27	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	18.66.112.106 18.66.112.106	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:38e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.102.51 18.66.102.51	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	13.226.175.41 13.226.175.41	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
5	18.244.18.60 18.244.18.60	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	63.33.251.85 63.33.251.85	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c02::9a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
32	18

1 75.101.134.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-134-27.compute-1.amazonaws.com

giveaway.gemctphoto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.112.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-106.fra56.r.cloudfront.net

lib.showit.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:38e (United States)

ASN13335 (CLOUDFLARENET, US)

call.chatra.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
chat.chatra.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.175.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-175-41.mxp64.r.cloudfront.net

gem-photography-26949.smartslides.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.244.18.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-60.fra56.r.cloudfront.net

static.showit.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.251.85 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-251-85.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	showit.co lib.showit.co — Cisco Umbrella Rank: 87981 static.showit.co — Cisco Umbrella Rank: 75248	457 KB
4	gstatic.com fonts.gstatic.com	79 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 68 region1.google-analytics.com — Cisco Umbrella Rank: 2347	21 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	72 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1344	59 KB
2	chatra.io call.chatra.io — Cisco Umbrella Rank: 56068 chat.chatra.io — Cisco Umbrella Rank: 45530	12 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77 ajax.googleapis.com — Cisco Umbrella Rank: 457	49 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	167 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 132	351 B
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6452	171 B
1	smartslides.com gem-photography-26949.smartslides.com
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 265	4 KB
1	gemctphoto.com giveaway.gemctphoto.com	11 KB
32	14

	Domain	Requested by
5	static.showit.co	giveaway.gemctphoto.com
4	fonts.gstatic.com	fonts.googleapis.com
3	lib.showit.co	giveaway.gemctphoto.com
2	www.facebook.com	giveaway.gemctphoto.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	giveaway.gemctphoto.com connect.facebook.net
2	www.googletagmanager.com	giveaway.gemctphoto.com www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	content.hotjar.io	script.hotjar.com
1	chat.chatra.io	call.chatra.io
1	region1.google-analytics.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	gem-photography-26949.smartslides.com	giveaway.gemctphoto.com
1	static.hotjar.com	giveaway.gemctphoto.com
1	call.chatra.io	giveaway.gemctphoto.com
1	ajax.googleapis.com	giveaway.gemctphoto.com
1	cdnjs.cloudflare.com	giveaway.gemctphoto.com
1	fonts.googleapis.com	giveaway.gemctphoto.com
1	giveaway.gemctphoto.com
32	19

This site contains links to these domains. Also see Links.

Domain
teacherpricing.gemctphoto.com
gemctphoto.com

Subject Issuer	Validity	Valid
giveaway.gemctphoto.com R10	`2024-06-13` - `2024-09-11`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.showit.com Amazon RSA 2048 M02	`2024-06-10` - `2025-07-09`	a year	crt.sh
chatra.io GTS CA 1P5	`2024-05-14` - `2024-08-12`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-24` - `2024-06-22`	3 months	crt.sh
smartslides.com Amazon RSA 2048 M02	`2024-04-07` - `2025-05-06`	a year	crt.sh
*.gstatic.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://giveaway.gemctphoto.com/
Frame ID: 8911C76735417952CA9F0A532B28BD90
Requests: 30 HTTP requests in this frame

Frame: https://gem-photography-26949.smartslides.com/e-session-giveaway?pt=ed
Frame ID: 5EAB7957015D671C04317A1800E2235F
Requests: 1 HTTP requests in this frame

Frame: https://chat.chatra.io/?isModern=true
Frame ID: A80FE724A284F5A9EA09782F7ADC0E53
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

welcome

Page URL History Show full URLs

http://giveaway.gemctphoto.com/ HTTP 307
https://giveaway.gemctphoto.com/ Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

100 %
HTTPS

61 %
IPv6

14
Domains

19
Subdomains

18
IPs

4
Countries

935 kB
Transfer

1983 kB
Size

8
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://teacherpricing.gemctphoto.com/
Title: You're Engaged!!!!What an exciting time in your relationship .. Let's celebrate that

Search URL Search Domain Scan URL

URL: https://gemctphoto.com/
Title: For more info about GEM CLICK HERE

Search URL Search Domain Scan URL

URL: http://gemctphoto.com/
Title: Home

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://giveaway.gemctphoto.com/ HTTP 307
https://giveaway.gemctphoto.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
giveaway.gemctphoto.com/
Redirect Chain

http://giveaway.gemctphoto.com/
https://giveaway.gemctphoto.com/

43 KB
11 KB

999ms
784ms

Document
text/html

75.101.134.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://giveaway.gemctphoto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 75.101.134.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-134-27.compute-1.amazonaws.com
Software: /
Resource Hash: cf903bf9cea23a3537d8c5dd25d2da4ea1c09e548e6ffb29ff4c51b9914e9087

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 15 Jun 2024 00:03:30 GMT
etag: W/"772b4478584d739657779edf03ca4ed6"
last-modified: Sun, 18 Apr 2021 21:15:46 GMT
vary: Accept-Encoding
x-showit: hosted

Redirect headers

Location: https://giveaway.gemctphoto.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
75 KB 70ms
26ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-136776518-1

Requested by

Host: giveaway.gemctphoto.com
URL: https://giveaway.gemctphoto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3da25cac08d2a2a0b4f4c9a74651a281f77cc4833fb1c4709dbb4eb8680e78df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 00:03:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76289
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Jun 2024 00:03:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 67 KB
15 KB 69ms
25ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: giveaway.gemctphoto.com
URL: https://giveaway.gemctphoto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

992615b7940db80a463e32e644ab24447a557a2fb7686cf2b02dcf71e3b82188

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Jun 2024 00:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Jun 2024 00:03:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Jun 2024 00:03:30 GMT

GET
H3 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.4.0/ 54 KB
4 KB 88ms
55ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.4.0/animate.min.css

Requested by

Host: giveaway.gemctphoto.com
URL: https://giveaway.gemctphoto.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28b4c5c949bf53b79235cb7623e28d719e7e3b8587b1af376cadf89b7b865ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 00:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 165689
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3203
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-d8e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZhgnbzEpKlFZP0lz5gFPQURwgm%2BDQDW4rMF%2FBVolAca4e6o5tbDc7Kbaw7hS6OIat5L4GE6AueqzTsIVFO7CjCgSfQ4W4zhvYlhkhz5KYeby6DlydIEj9oz89KE8go4yDI8BSenmiDRrZdOp2BOaQ7iN"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 893e4c22da9f9c0d-FRA
expires: Thu, 05 Jun 2025 00:03:30 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 47ms
12ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: giveaway.gemctphoto.com
URL: https://giveaway.gemctphoto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 00:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Jun 2025 00:03:20 GMT

GET
H2 200 showit-lib.min.js Show response
lib.showit.co/engine/1.3.3/ 112 KB
37 KB 101ms
10ms Script
application/javascript 18.66.112.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.showit.co/engine/1.3.3/showit-lib.min.js
Requested by: Host: giveaway.gemctphoto.com
URL: https://giveaway.gemctphoto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09a6d6480c85f12ab5bb76ce616e5d2df0b19714db2ae5fd22bb882d8c699f88

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 07:42:12 GMT
content-encoding: gzip
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
last-modified: Thu, 20 Aug 2020 20:32:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 59174
etag: W/"75e96d4d8ab5083e7ea86d598d6ea7f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: Cv85zWLMF_DgphUkPkKIvst1Ty9URT0BEbXSKnANmCxJVe5OtrOX2g==

GET
H2 200 showit.min.js Show response
lib.showit.co/engine/1.3.3/ 34 KB
11 KB 100ms
10ms Script
application/javascript 18.66.112.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.showit.co/engine/1.3.3/showit.min.js
Requested by: Host: giveaway.gemctphoto.com
URL: https://giveaway.gemctphoto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a92498429bae5d606a1c0a63ef4522cef67c6737ed932ceddc8a885aaec91492

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 02:07:27 GMT
content-encoding: gzip
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
last-modified: Thu, 20 Aug 2020 20:32:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 78964
etag: W/"696fe9dfc1228167a49385dc5be3016d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: h7s_zRF3eQ4hqvpKnLQyGTEsxkiVJ20W4SywiJxrle5mPRM6GgmsBw==

GET
H2 200 showit.css
lib.showit.co/engine/1.3.3/ 7 KB
2 KB 98ms
9ms Stylesheet
text/css 18.66.112.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.showit.co/engine/1.3.3/showit.css
Requested by: Host: giveaway.gemctphoto.com
URL: https://giveaway.gemctphoto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e7cd9ddc000ec229925b4bbb49be0d3d4df40b0818f6637d13841512f39869de

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 04:19:04 GMT
content-encoding: gzip
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
last-modified: Thu, 20 Aug 2020 20:32:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 71066
etag: W/"6610b8bcaffbd5b180d72ebbeec7b005"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=86400
x-amz-cf-id: pLO59HLtYQUxjEQLJSYT04UPUnO7ImI91tnz3Vs087nn4cvHX23o9g==

GET
H3 200 chatra.js Show response
call.chatra.io/ 46 KB
12 KB 137ms
100ms Script
text/javascript 2606:4700:10::6816:38e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://call.chatra.io/chatra.js
Requested by: Host: giveaway.gemctphoto.com
URL: https://giveaway.gemctphoto.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:38e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 097f2f574fb8173d52a7f1b74c18a33c125a4a5efe061ba390b30eb17549985e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 00:03:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 Aug 2023 12:45:59 GMT
server: cloudflare
age: 1164
etag: W/"b872-18a27948358"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1800, s-maxage=1800, stale-while-revalidate=300, stale-if-error=1800
cf-ray: 893e4c23c8a98f30-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 hotjar-1735778.js Show response
static.hotjar.com/c/ 9 KB
4 KB 95ms
61ms Script
application/javascript 18.66.102.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1735778.js?sv=6

Requested by

Host: giveaway.gemctphoto.com
URL: https://giveaway.gemctphoto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-51.fra56.r.cloudfront.net

Software

Resource Hash

4021cc21b38324f3649e62540bef8209eca523c0b7e658fc944dee2c216fd273

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sat, 15 Jun 2024 00:03:30 GMT
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/5b51ea15a990f264c36220f8f434780e
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 5r3OZEkJ5N7eLDAeMg4RZI7uSuYOm0h52WP3gRHCnHDTNX1GvKAXtg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 340ms
0ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: giveaway.gemctphoto.com
URL: https://giveaway.gemctphoto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 15 Jun 2024 00:03:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=15, mss=1328, tbw=2792, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: FBuw5OGR1BsOiQ7RRyla97vfwdOkBW1aAwo7hVxaTY03z2QY8UUu3+pThFLJkgVkGpgRl/qi/5SuMN3xbUKl3A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
92 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KBZN7P7FLB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136776518-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b894f7fc93eb996ebc5f305fc767ac039573865c3205e632129b3a2fc5edab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 00:03:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94350
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Jun 2024 00:03:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 356ms
14ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136776518-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Jun 2024 22:29:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5662
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 15 Jun 2024 00:29:08 GMT

GET
H2 200 e-session-giveaway
gem-photography-26949.smartslides.com/ Frame 5EAB 0
0 513ms
390ms Document
text/html 13.226.175.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gem-photography-26949.smartslides.com/e-session-giveaway?pt=ed
Requested by: Host: giveaway.gemctphoto.com
URL: https://giveaway.gemctphoto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.175.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-175-41.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://giveaway.gemctphoto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 70567
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=86400, must-revalidate
content-encoding: br
content-type: text/html
date: Fri, 14 Jun 2024 06:28:25 GMT
etag: W/"3de1c281840c95af9225c4796d7e7372"
expires: Sun, 23 Apr 2034 16:50:07 GMT
last-modified: Thu, 25 Apr 2024 16:50:09 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a394733f1fe324c13718fb07a56c6226.cloudfront.net (CloudFront)
x-amz-cf-id: EWe99B0aWsDH8Zpvxm-DAQTDx_K-wjGGyJsNYhGgj59APKdqgonnag==
x-amz-cf-pop: MXP64-C3
x-amz-meta-cache-control: public, max-age=86400, must-revalidate
x-amz-meta-content-type: text/html
x-cache: Error from cloudfront

GET
H2 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
fonts.gstatic.com/s/quicksand/v31/ 15 KB
16 KB 145ms
36ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73b8057c918765ed1a41c6ca23e2c0530b51d396e12ce63071297c5a04178504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://giveaway.gemctphoto.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 01:30:03 GMT
x-content-type-options: nosniff
age: 167607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15788
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 01:30:03 GMT

GET
H2 200 0QI8MX1D_JOuMw_hLdO6T2wV9KnW-MoFoq92nA.woff2
fonts.gstatic.com/s/lora/v35/ 22 KB
22 KB 132ms
22ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v35/0QI8MX1D_JOuMw_hLdO6T2wV9KnW-MoFoq92nA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e6e380dc70aa0d116772b28a820ecbc3ba8ff7927e2f9de6ac09742bb1e1b49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://giveaway.gemctphoto.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 17:09:55 GMT
x-content-type-options: nosniff
age: 111215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22696
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:11:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 17:09:55 GMT

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v34/ 22 KB
22 KB 143ms
34ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e44fb721d3be9376c6e5e946109067a04da84ae10b3f27a03ada7a3731e515c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://giveaway.gemctphoto.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 19:43:03 GMT
x-content-type-options: nosniff
age: 102027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22432
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:31:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 19:43:03 GMT

GET
H2 200 9Btx3DZF0dXLMZlywRbVRNhxy2LscnU.woff2
fonts.gstatic.com/s/nanummyeongjo/v22/ 19 KB
20 KB 125ms
16ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nanummyeongjo/v22/9Btx3DZF0dXLMZlywRbVRNhxy2LscnU.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d830f3f17e4a57bafd38204f095fea8680044978df83c71414c0703609ee168f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://giveaway.gemctphoto.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 23:22:27 GMT
x-content-type-options: nosniff
age: 175263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19492
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:48:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jun 2025 23:22:27 GMT

GET
H2 200 yale_engagement-13.jpg
static.showit.co/1600/lUwkNTVpROK9ei-0UY6ZoQ/87833/ 271 KB
271 KB 510ms
58ms Image
image/jpeg 18.244.18.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.showit.co/1600/lUwkNTVpROK9ei-0UY6ZoQ/87833/yale_engagement-13.jpg
Requested by: Host: giveaway.gemctphoto.com
URL: https://giveaway.gemctphoto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9262f14372a064aeae3a047a67d9def6ea1063fef2978923559cee9c205bb1cd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 14 Jun 2025 11:36:31 GMT
date: Fri, 14 Jun 2024 11:36:31 GMT
via: 1.1 0b761d2a74b283528cf840bf9ce44b20.cloudfront.net (CloudFront)
last-modified: Mon, 01 Mar 2021 17:06:52 GMT
server: nginx
x-amz-cf-pop: FRA56-P11
age: 44818
etag: 4fb06f5265d7b148eb72899edd614b12
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin
x-amz-cf-id: 8iH1oKbRo7LlHYy9bj-bFHCVo2V9a6NBAOaiVAlg508FJajI9CJBgA==
content-length: 277178
media-server: node

GET
H2 200 candlewood_inn_brookfield-0408.jpg
static.showit.co/1600/LE06V1N2SM6jl9KRSZcHyQ/87833/ 128 KB
129 KB 479ms
27ms Image
image/jpeg 18.244.18.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.showit.co/1600/LE06V1N2SM6jl9KRSZcHyQ/87833/candlewood_inn_brookfield-0408.jpg
Requested by: Host: giveaway.gemctphoto.com
URL: https://giveaway.gemctphoto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: fab192006332d57e957fafb41589b5c10d958869d2fffe02033682c84aa5a83b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 14 Jun 2025 11:36:32 GMT
date: Fri, 14 Jun 2024 11:36:32 GMT
via: 1.1 0b761d2a74b283528cf840bf9ce44b20.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jun 2019 04:51:59 GMT
server: nginx
x-amz-cf-pop: FRA56-P11
age: 44818
etag: dbc1478d1559e4ed772d7768c5c25cc8
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin
x-amz-cf-id: 1R4QR0V56W3SIcJm8KySIO0RDEygt18ZKDU44GqnR0JCjYjZbmAfNg==
content-length: 131575
media-server: node

GET
H2 200 logo.png
static.showit.co/200/ra0Zbew3R5qT96sM3jV0XQ/87833/ 6 KB
6 KB 730ms
278ms Image
image/png 18.244.18.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.showit.co/200/ra0Zbew3R5qT96sM3jV0XQ/87833/logo.png
Requested by: Host: giveaway.gemctphoto.com
URL: https://giveaway.gemctphoto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: edef113e3bcfb55b4d866168ec4be273cc93c66c0bc3e5891f9d92419b7e96b8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sun, 15 Jun 2025 00:03:31 GMT
date: Sat, 15 Jun 2024 00:03:31 GMT
via: 1.1 0b761d2a74b283528cf840bf9ce44b20.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2019 18:10:43 GMT
server: nginx
x-amz-cf-pop: FRA56-P11
etag: 9b3dba68972dba037c832dcd95a75df9
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
access-control-allow-origin
x-amz-cf-id: nr7GOXunm5Q3jPE0FYAXV50yk7qKszypGeYhsNy7KcuHW59E5yuyJQ==
content-length: 5819
media-server: node

GET
H2 200 modules.db8890ba82a7e392473f.js Show response
script.hotjar.com/ 223 KB
55 KB 84ms
16ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.db8890ba82a7e392473f.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1735778.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

89a2840e72b9ea060982f79dd7c1ac1cc747617f2bd9790b79ac09497d97fe8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 295764
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56164
last-modified: Tue, 11 Jun 2024 13:53:21 GMT
etag: "e6623694317786c0abed295167d203ef"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: OAnKM4cGy1NelXec_De3VahdL3-h7h3IpzWKlavJyG0aQW3sRkedmw==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 67ms
24ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KBZN7P7FLB&gtm=45je46c0v9131856025za200&_p=1718409810315&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1506275982.1718409811&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1718409810&sct=1&seg=0&dl=https%3A%2F%2Fgiveaway.gemctphoto.com%2F&dt=welcome&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1287&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KBZN7P7FLB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 15 Jun 2024 00:03:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://giveaway.gemctphoto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
chat.chatra.io/ Frame A80F 0
0 86ms
46ms Document
text/html 2606:4700:10::6816:38e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.chatra.io/?isModern=true

Requested by

Host: call.chatra.io
URL: https://call.chatra.io/chatra.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:38e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; script-src 'self' https://static.chatra.io; child-src 'none'; img-src https://static.chatra.io 'self' ucarecdn.com data: blob: https://uc.chatra.io https://uc.chatra-usercontent.com; connect-src 'self' data: https://upload.uc.chatra.io ws://chat.chatra.io/ wss://chat.chatra.io/; style-src 'self' 'unsafe-inline' https://static.chatra.io; media-src data:; form-action 'none'; block-all-mixed-content; frame-src 'none'

Strict-Transport-Security

max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://giveaway.gemctphoto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 119
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=300, s-maxage=300, stale-while-revalidate=300, stale-if-error=1800
cf-cache-status: HIT
cf-ray: 893e4c249fd41c40-FRA
content-encoding: gzip
content-security-policy: default-src 'self'; script-src 'self' https://static.chatra.io; child-src 'none'; img-src https://static.chatra.io 'self' ucarecdn.com data: blob: https://uc.chatra.io https://uc.chatra-usercontent.com; connect-src 'self' data: https://upload.uc.chatra.io ws://chat.chatra.io/ wss://chat.chatra.io/; style-src 'self' 'unsafe-inline' https://static.chatra.io; media-src data:; form-action 'none'; block-all-mixed-content; frame-src 'none'
content-type: text/html; charset=utf-8
date: Sat, 15 Jun 2024 00:03:30 GMT
etag: W/"appV0.0.1692881183"
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 245ms
128ms XHR
application/json 63.33.251.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=1735778&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.db8890ba82a7e392473f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 63.33.251.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-251-85.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 90b8f3a01de0db57a2c7c5dd9fccf86d9c3953adf7bafa20e1588d16b091b8a0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 15 Jun 2024 00:03:30 GMT
content-length: 56
access-control-max-age: 86400
content-type: application/json

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
212 B 15ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=388179664&t=pageview&_s=1&dl=https%3A%2F%2Fgiveaway.gemctphoto.com%2F&ul=de-de&de=UTF-8&dt=welcome&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1173593633&gjid=201686462&cid=1506275982.1718409811&tid=UA-136776518-1&_gid=1308634937.1718409811&_r=1&gtm=457e46c0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=1199864910

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Jun 2024 00:03:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://giveaway.gemctphoto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 504312916909710 Show response
connect.facebook.net/signals/config/ 60 KB
13 KB 163ms
162ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/504312916909710?v=2.9.158&r=stable&domain=giveaway.gemctphoto.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

34defae415e84a497154d7c51c245ae584eae6703d7720daf5abc5662b8c348d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 15 Jun 2024 00:03:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=51, mss=1328, tbw=63527, tp=-1, tpl=-1, uplat=150, ullat=0
pragma: public
x-fb-debug: kid9iceJL8yKP3ZuBbkRIworZaIP/MzM0dKghIodvSuKqoa6Q8VRW55jU73sEeUy3KNkxs9G8SEREQ4PRI33jQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
351 B 140ms
27ms XHR
text/plain 2a00:1450:400c:c02::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-136776518-1&cid=1506275982.1718409811&jid=1173593633&gjid=201686462&_gid=1308634937.1718409811&npa=1&_u=YADAAUAAAAAAACAAI~&z=236141200

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Jun 2024 00:03:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://giveaway.gemctphoto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 40ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=504312916909710&ev=PageView&dl=https%3A%2F%2Fgiveaway.gemctphoto.com%2F&rl=&if=false&ts=1718409811031&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718409811027.526474884926712257&ler=empty&cdl=API_unavailable&it=1718409810834&coo=false&rqm=GET

Requested by

Host: giveaway.gemctphoto.com
URL: https://giveaway.gemctphoto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1328, tbw=2818, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 15 Jun 2024 00:03:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 341ms
309ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=504312916909710&ev=PageView&dl=https%3A%2F%2Fgiveaway.gemctphoto.com%2F&rl=&if=false&ts=1718409811031&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718409811027.526474884926712257&ler=empty&cdl=API_unavailable&it=1718409810834&coo=false&rqm=FGET

Requested by

Host: giveaway.gemctphoto.com
URL: https://giveaway.gemctphoto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x0c26f2a7869d6994","source_keys":["1","2"]},{"key_piece":"0x2b2a03b6e97414d6","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sat, 15 Jun 2024 00:03:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=15, mss=1328, tbw=3135, tp=-1, tpl=-1, uplat=298, ullat=0
pragma: no-cache
x-fb-debug: 5+hnzPZbyYUg9pujX7skcyr1N39s295deAVEYU6kM+mjI/3Pg+jIa0OTTtVzXVHnuFYL49MFEIQTZoo8pFtDzA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 logo.png
static.showit.co/200/ra0Zbew3R5qT96sM3jV0XQ/87833/ 6 KB
0 0ms
0ms Image
image/png 18.244.18.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.showit.co/200/ra0Zbew3R5qT96sM3jV0XQ/87833/logo.png
Requested by: Host: giveaway.gemctphoto.com
URL: https://giveaway.gemctphoto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: edef113e3bcfb55b4d866168ec4be273cc93c66c0bc3e5891f9d92419b7e96b8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sun, 15 Jun 2025 00:03:31 GMT
date: Sat, 15 Jun 2024 00:03:31 GMT
via: 1.1 0b761d2a74b283528cf840bf9ce44b20.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2019 18:10:43 GMT
server: nginx
x-amz-cf-pop: FRA56-P11
etag: 9b3dba68972dba037c832dcd95a75df9
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
access-control-allow-origin
x-amz-cf-id: nr7GOXunm5Q3jPE0FYAXV50yk7qKszypGeYhsNy7KcuHW59E5yuyJQ==
content-length: 5819
media-server: node

GET
H2 200 logo.png
static.showit.co/200/ra0Zbew3R5qT96sM3jV0XQ/87833/ 6 KB
0 0ms
0ms Other
image/png 18.244.18.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.showit.co/200/ra0Zbew3R5qT96sM3jV0XQ/87833/logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: edef113e3bcfb55b4d866168ec4be273cc93c66c0bc3e5891f9d92419b7e96b8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://giveaway.gemctphoto.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sun, 15 Jun 2025 00:03:31 GMT
date: Sat, 15 Jun 2024 00:03:31 GMT
via: 1.1 0b761d2a74b283528cf840bf9ce44b20.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2019 18:10:43 GMT
server: nginx
x-amz-cf-pop: FRA56-P11
etag: 9b3dba68972dba037c832dcd95a75df9
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
access-control-allow-origin
x-amz-cf-id: nr7GOXunm5Q3jPE0FYAXV50yk7qKszypGeYhsNy7KcuHW59E5yuyJQ==
content-length: 5819
media-server: node

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gemctphoto.com/	1970-01-21 06:56:09	Name: _ga_KBZN7P7FLB Value: GS1.1.1718409810.1.0.1718409810.0.0.0
.gemctphoto.com/	1970-01-21 06:05:45	Name: _hjSessionUser_1735778 Value: eyJpZCI6IjNhYzM4MDY2LWNiOTEtNTBjOC05NjE2LTZmZWYwMTEyNDNjZCIsImNyZWF0ZWQiOjE3MTg0MDk4MTA2NzgsImV4aXN0aW5nIjp0cnVlfQ==
.gemctphoto.com/	1970-01-20 21:20:11	Name: _hjSession_1735778 Value: eyJpZCI6IjQzMjZhZmVkLWZiMTgtNDczYi1hYTY4LTkwYThlYTczZmQwMiIsImMiOjE3MTg0MDk4MTA2NzgsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.gemctphoto.com/	1970-01-21 06:56:09	Name: _ga Value: GA1.2.1506275982.1718409811
.gemctphoto.com/	1970-01-20 21:21:36	Name: _gid Value: GA1.2.1308634937.1718409811
.gemctphoto.com/	1970-01-20 21:20:09	Name: _gat_gtag_UA_136776518_1 Value: 1
.gemctphoto.com/	1970-01-20 23:29:45	Name: _fbp Value: fb.1.1718409811027.526474884926712257
.smartslides.com/	1970-01-21 01:39:21	Name: px-slideshow-prod-session-id Value: nmelk2w1xlan9q62e5jhi0xxe7m1c96o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
call.chatra.io
cdnjs.cloudflare.com
chat.chatra.io
connect.facebook.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
gem-photography-26949.smartslides.com
giveaway.gemctphoto.com
lib.showit.co
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
static.showit.co
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
13.226.175.41
13.32.27.21
18.244.18.60
18.66.102.51
18.66.112.106
2001:4860:4802:32::36
2606:4700:10::6816:38e
2606:4700::6811:190e
2a00:1450:4001:802::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:813::200a
2a00:1450:4001:828::200e
2a00:1450:4001:830::2008
2a00:1450:400c:c02::9a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
63.33.251.85
75.101.134.27
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
097f2f574fb8173d52a7f1b74c18a33c125a4a5efe061ba390b30eb17549985e
09a6d6480c85f12ab5bb76ce616e5d2df0b19714db2ae5fd22bb882d8c699f88
28b4c5c949bf53b79235cb7623e28d719e7e3b8587b1af376cadf89b7b865ac5
34defae415e84a497154d7c51c245ae584eae6703d7720daf5abc5662b8c348d
3da25cac08d2a2a0b4f4c9a74651a281f77cc4833fb1c4709dbb4eb8680e78df
3e44fb721d3be9376c6e5e946109067a04da84ae10b3f27a03ada7a3731e515c
4021cc21b38324f3649e62540bef8209eca523c0b7e658fc944dee2c216fd273
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73b8057c918765ed1a41c6ca23e2c0530b51d396e12ce63071297c5a04178504
89a2840e72b9ea060982f79dd7c1ac1cc747617f2bd9790b79ac09497d97fe8f
90b8f3a01de0db57a2c7c5dd9fccf86d9c3953adf7bafa20e1588d16b091b8a0
9262f14372a064aeae3a047a67d9def6ea1063fef2978923559cee9c205bb1cd
992615b7940db80a463e32e644ab24447a557a2fb7686cf2b02dcf71e3b82188
9e6e380dc70aa0d116772b28a820ecbc3ba8ff7927e2f9de6ac09742bb1e1b49
a92498429bae5d606a1c0a63ef4522cef67c6737ed932ceddc8a885aaec91492
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b894f7fc93eb996ebc5f305fc767ac039573865c3205e632129b3a2fc5edab7e
cf903bf9cea23a3537d8c5dd25d2da4ea1c09e548e6ffb29ff4c51b9914e9087
d830f3f17e4a57bafd38204f095fea8680044978df83c71414c0703609ee168f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7cd9ddc000ec229925b4bbb49be0d3d4df40b0818f6637d13841512f39869de
edef113e3bcfb55b4d866168ec4be273cc93c66c0bc3e5891f9d92419b7e96b8
fab192006332d57e957fafb41589b5c10d958869d2fffe02033682c84aa5a83b

giveaway.gemctphoto.com Open in urlscan Pro 75.101.134.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

100 %HTTPS

61 %IPv6

14 Domains

19 Subdomains

18 IPs

4 Countries

935 kBTransfer

1983 kBSize

8 Cookies

3 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

giveaway.gemctphoto.com Open in urlscan Pro
75.101.134.27 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

100 %
HTTPS

61 %
IPv6

14
Domains

19
Subdomains

18
IPs

4
Countries

935 kB
Transfer

1983 kB
Size

8
Cookies

32 HTTP transactions
0 data transactions