urlscan.io logo urlscan.io
SecurityTrails logo

affiliates.1stmillion.com Open in urlscan Pro
161.35.235.194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://affiliates.1stmillion.com/
Effective URL: https://affiliates.1stmillion.com/signup
Submission: On June 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 18 HTTP transactions. The main IP is 161.35.235.194, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is affiliates.1stmillion.com.
TLS certificate: Issued by E6 on June 17th 2024. Valid for: 3 months.
This is the only time affiliates.1stmillion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    161.35.235.194 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
affiliates.1stmillion.com
friends.rewardful.com
3    2600:9000:2644:4e00:18:6def:d0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.getrewardful.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    13.33.187.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-40.fra60.r.cloudfront.net
cdn.rollbar.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    18.244.18.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-113.fra56.r.cloudfront.net
js.stripe.com
3    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700:20::ac43:4687 (United States)

ASN13335 (CLOUDFLARENET, US)
friends.getrewardful.com
3    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    52.216.251.126 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
Apex Domain
Subdomains		 Transfer
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
274 KB
4 getrewardful.com
cdn.getrewardful.com
friends.getrewardful.com
340 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 5
969 B
3 1stmillion.com
affiliates.1stmillion.com
19 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1556
150 KB
1 amazonaws.com
s3.amazonaws.com
4 KB
1 rewardful.com
friends.rewardful.com
5 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
901 B
1 rollbar.com
cdn.rollbar.com — Cisco Umbrella Rank: 16487
24 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
101 KB
18 10
Domain Requested by
3 fonts.gstatic.com fonts.googleapis.com
3 www.google.com affiliates.1stmillion.com
www.gstatic.com
3 cdn.getrewardful.com
3 affiliates.1stmillion.com 2 redirects
2 js.stripe.com affiliates.1stmillion.com
js.stripe.com
1 s3.amazonaws.com
1 www.gstatic.com www.google.com
1 friends.rewardful.com affiliates.1stmillion.com
1 friends.getrewardful.com 1 redirects
1 fonts.googleapis.com affiliates.1stmillion.com
1 cdn.rollbar.com affiliates.1stmillion.com
1 www.googletagmanager.com affiliates.1stmillion.com
18 12

This site contains no links.

Subject Issuer Validity Valid
affiliates.1stmillion.com
E6		 2024-06-17 -
2024-09-15		 3 months crt.sh
cdn.getrewardful.com
Amazon RSA 2048 M03		 2024-06-09 -
2025-07-08		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
cdn.rollbar.com
Amazon RSA 2048 M03		 2024-04-11 -
2025-05-09		 a year crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-05-22 -
2024-08-22		 3 months crt.sh
*.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://affiliates.1stmillion.com/signup
Frame ID: E773CD64A098FF8B9545C5363AB68337
Requests: 15 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: F8ABC6B2842408D8DF1739C2F0A0973C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfMocMUAAAAAFPlLsVDnIDUYSJh93KK_2VcAlnj&co=aHR0cHM6Ly9hZmZpbGlhdGVzLjFzdG1pbGxpb24uY29tOjQ0Mw..&hl=de&v=TqxSU0dsOd2Q9IbI7CpFnJLD&size=normal&cb=asc20i8pegcw
Frame ID: A96F99C8A849062163D002C917AF201A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=TqxSU0dsOd2Q9IbI7CpFnJLD&k=6LfMocMUAAAAAFPlLsVDnIDUYSJh93KK_2VcAlnj
Frame ID: CA06356DF794D28497B5B0F82812A306
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

1st Million | Sign up

Page URL History Show full URLs

  1. https://affiliates.1stmillion.com/ HTTP 302
    https://affiliates.1stmillion.com/signup Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

18
Requests

89 %
HTTPS

64 %
IPv6

10
Domains

12
Subdomains

10
IPs

2
Countries

917 kB
Transfer

3070 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://affiliates.1stmillion.com/ HTTP 302
    https://affiliates.1stmillion.com/signup Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://friends.getrewardful.com/packs/rw.js HTTP 301
  • https://friends.rewardful.com/packs/rw.js
Request Chain 16
  • https://affiliates.1stmillion.com/rails/active_storage/representations/redirect/eyJfcmFpbHMiOnsiZGF0YSI6MTI4NjY4LCJwdXIiOiJibG9iX2lkIn19--d12ab12744a1370c53bef3207f54d7fc6e28f138/eyJfcmFpbHMiOnsiZGF0YSI6eyJmb3JtYXQiOiJqcGVnIiwicmVzaXplIjoiMTAweDEwMCJ9LCJwdXIiOiJ2YXJpYXRpb24ifX0=--7081983d9a910aac356e19fba4e7f08885b0d0c5/IMG_2125.jpeg HTTP 302
  • https://s3.amazonaws.com/uploads.getrewardful.com/22uyb218mmry2rf10ecaq0hcgy8d?response-content-disposition=inline%3B%20filename%3D%22IMG_2125.jpeg%22%3B%20filename%2A%3DUTF-8%27%27IMG_2125.jpeg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAI266YNZ4KFDLE2AA%2F20240619%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240619T010945Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=622e48a9571ef91cff9f96d1a9471caf5d48c06d1ce9fd645d3fbe97db2d8eb3

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request signup
affiliates.1stmillion.com/
Redirect Chain
  • https://affiliates.1stmillion.com/
  • https://affiliates.1stmillion.com/signup
16 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://affiliates.1stmillion.com/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.235.194 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy Cowboy /
Resource Hash
a51e43e8049134642e9b12276266fc8b1a83119bfcbdd9165612771bbc924c12
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, private, must-revalidate
content-length
16258
content-type
text/html; charset=utf-8
date
Wed, 19 Jun 2024 01:09:44 GMT
etag
W/"a51e43e8049134642e9b12276266fc8b"
link
<https://cdn.getrewardful.com/assets/application-574d1b36c8282f7251d6c51ea477a1570edc3088fb4de483ebd84a8a671a457e.css>; rel=preload; as=style; nopush,<https://cdn.getrewardful.com/packs/js/application-8dc8cce211236a4d0380.js>; rel=preload; as=script; nopush,<https://cdn.getrewardful.com/packs/css/application-01fe4901.css>; rel=preload; as=style; nopush
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718759384&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=j8toiuxp8yEy1XToSzPLkgZrigYf2ekjf3VIpZpYtXQ%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718759384&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=j8toiuxp8yEy1XToSzPLkgZrigYf2ekjf3VIpZpYtXQ%3D
server
Caddy Cowboy
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 vegur
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
44edb39a-5fe6-4283-b8a2-685bc8fe01c5
x-runtime
0.067344
x-xss-protection
0

Redirect headers

cache-control
no-cache
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 19 Jun 2024 01:09:43 GMT
location
https://affiliates.1stmillion.com/signup
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718759383&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=tgjTwkUWeNTezl%2BvV7rw3oq5nmZcZGxayDRLTPXJGJA%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718759383&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=tgjTwkUWeNTezl%2BvV7rw3oq5nmZcZGxayDRLTPXJGJA%3D
server
Caddy Cowboy
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 vegur
x-request-id
75ce3713-a5f3-4e6f-b8b7-a157d08d9898
x-runtime
0.024597
application-574d1b36c8282f7251d6c51ea477a1570edc3088fb4de483ebd84a8a671a457e.css
cdn.getrewardful.com/assets/ 		268 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.getrewardful.com/assets/application-574d1b36c8282f7251d6c51ea477a1570edc3088fb4de483ebd84a8a671a457e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:4e00:18:6def:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
371daf159ddbf1183fd4853dc7061ff37eb0c4e3f5f68b0f2a696f018c5d038e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://affiliates.1stmillion.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
via
1.1 vegur, 1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
date
Wed, 19 Jun 2024 00:38:32 GMT
x-amz-cf-pop
FRA60-P6
age
2197
x-cache
Hit from cloudfront
content-length
39343
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718429435&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=maX32Ty%2BHmXhX2G%2B1jcuXINa9r21Qf1KGopKBVMFXIA%3D
last-modified
Thu, 13 Jun 2024 15:45:47 GMT
server
cloudflare
vary
accept-encoding, Origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718429435&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=maX32Ty%2BHmXhX2G%2B1jcuXINa9r21Qf1KGopKBVMFXIA%3D"}]}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89407db5bea59bdd-FRA
x-amz-cf-id
xWEMG2SAhEJVdjRFu0uSsym9GbKzDESrXr5WQoufmr8oJ6svZr4G_g==
application-8dc8cce211236a4d0380.js
cdn.getrewardful.com/packs/js/ 		1 MB
283 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getrewardful.com/packs/js/application-8dc8cce211236a4d0380.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:4e00:18:6def:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
040f9da5193bdde42e5cfc7a7b7d4e781ba746d0a5ce54ebefc219c6b03b9ef7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://affiliates.1stmillion.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 vegur, 1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
date
Tue, 18 Jun 2024 21:20:18 GMT
x-amz-cf-pop
FRA60-P6
age
14211
x-cache
Hit from cloudfront
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718650248&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=8kL0EnfGFtk3rb1gplMFYNxa2AbmuQ4rzjJ%2B%2Bhpg9F0%3D
last-modified
Mon, 17 Jun 2024 16:40:03 GMT
server
cloudflare
vary
accept-encoding, Origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718650248&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=8kL0EnfGFtk3rb1gplMFYNxa2AbmuQ4rzjJ%2B%2Bhpg9F0%3D"}]}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89553a345df990d4-FRA
x-amz-cf-id
oWt-2UucDdEpSmpn3bT4KicrqNiXY10Tz-D4DzokITpJZtc8TI29vg==
application-01fe4901.css
cdn.getrewardful.com/packs/css/ 		93 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.getrewardful.com/packs/css/application-01fe4901.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:4e00:18:6def:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85dc49d61207152489a07abc406c94a654881ef55fd477cb03b50395239394ff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://affiliates.1stmillion.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 vegur, 1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
date
Tue, 18 Jun 2024 23:01:46 GMT
x-amz-cf-pop
FRA60-P6
age
7841
x-cache
Hit from cloudfront
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718650248&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=8kL0EnfGFtk3rb1gplMFYNxa2AbmuQ4rzjJ%2B%2Bhpg9F0%3D
last-modified
Mon, 17 Jun 2024 16:40:03 GMT
server
cloudflare
vary
accept-encoding, Origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718650248&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=8kL0EnfGFtk3rb1gplMFYNxa2AbmuQ4rzjJ%2B%2Bhpg9F0%3D"}]}
content-type
text/css
cache-control
max-age=14400
cf-ray
89553a345e819974-FRA
x-amz-cf-id
ZxtutrxRzXwNwffv9JzA7NZP8IoC3SdmElgv6KyTrrR8JVvlUHj43A==
gtm.js
www.googletagmanager.com/ 		302 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MBGTHP4
Requested by
Host: affiliates.1stmillion.com
URL: https://affiliates.1stmillion.com/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1b9a4094edcde432bae226e2bc3db40d209a0df5254c3be8ac46195262ca64ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://affiliates.1stmillion.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:09:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
102824
x-xss-protection
0
last-modified
Wed, 19 Jun 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Jun 2024 01:09:44 GMT
rollbar.min.js
cdn.rollbar.com/rollbarjs/refs/tags/v2.26.1/ 		78 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rollbar.com/rollbarjs/refs/tags/v2.26.1/rollbar.min.js
Requested by
Host: affiliates.1stmillion.com
URL: https://affiliates.1stmillion.com/signup
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-40.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
41764f6cf1cfa99fad12f1ee265ea0bb292761f6b15d1f5432756524854cd77f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://affiliates.1stmillion.com/
Origin
https://affiliates.1stmillion.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 17 Jun 2024 14:11:22 GMT
Content-Encoding
gzip
Via
1.1 27cdec4bbea3c020f504b2062d4e122c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P9
Age
125902
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 04 Jan 2023 20:16:53 GMT
Server
AmazonS3
ETag
W/"ddf66d492e77fc149633a129f1f09c40"
Vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=30672000,public
X-Amz-Cf-Id
rvjrJ1BxpqEn7aUfae_W-9-0miiVN9Xo4XcDy7sqHnZpRZpdw-puqQ==
css
fonts.googleapis.com/ 		4 KB
901 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900
Requested by
Host: affiliates.1stmillion.com
URL: https://affiliates.1stmillion.com/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b64431320e0dfa11c71514611175f31efb3c7a91bebe0b9ef475ef93342b78ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://affiliates.1stmillion.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 19 Jun 2024 01:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 19 Jun 2024 01:01:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jun 2024 01:09:44 GMT
/
js.stripe.com/v3/ 		613 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: affiliates.1stmillion.com
URL: https://affiliates.1stmillion.com/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-113.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7129f31301880a888b36f5dea00384894176fe40a7f70cd2ffac5d55b5f889bc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://affiliates.1stmillion.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:09:44 GMT
content-encoding
br
via
1.1 6f1a8e219f50f958f5a2fbc9c84af776.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P11
x-cache
Hit from cloudfront
last-modified
Tue, 18 Jun 2024 20:44:33 GMT
server
Cloudfront
etag
W/"7090e1f0d83493fc6ce9dc187bdb8a9c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
LdxB7acxtf1OPEe6qZPlvc7Ybkm4c_bMaqV7oecFQTzwzJfM7O32Ew==
api.js
www.google.com/recaptcha/ 		1 KB
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=recaptchaLoaded&render=explicit
Requested by
Host: affiliates.1stmillion.com
URL: https://affiliates.1stmillion.com/signup
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f17f46eed7b8b17b13efc69be3006fdba006ce6cb08fb83b21b52e45b8a5f7eb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://affiliates.1stmillion.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 19 Jun 2024 01:09:44 GMT
rw.js
friends.rewardful.com/packs/
Redirect Chain
  • https://friends.getrewardful.com/packs/rw.js
  • https://friends.rewardful.com/packs/rw.js
18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.rewardful.com/packs/rw.js
Requested by
Host: affiliates.1stmillion.com
URL: https://affiliates.1stmillion.com/signup
Protocol
H2
Server
161.35.235.194 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy, AmazonS3 /
Resource Hash
694e96879889c58b4b8c4b33735f065a38c428feb61529b608c2da2a143531ae

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://affiliates.1stmillion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 19 Jun 2024 00:50:25 GMT
content-encoding
gzip
via
1.1 c336b36aafb14d41a21b17f8933d9ac4.cloudfront.net (CloudFront)
last-modified
Mon, 17 Jun 2024 18:50:22 GMT
server
Caddy, AmazonS3
age
1161
x-amz-cf-pop
LAX50-P5
etag
W/"bc02ec1bd55913986df0d10f768022d6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
k4voiYm4QKwTrzkMlxpjgRYt2DmRNBRv-GU2oQrR5rKkXtPTyfkc1Q==

Redirect headers

date
Wed, 19 Jun 2024 01:09:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TsVmbmXiR9K%2BG4F6R4H4ATx7HYGHshgX7UsxppV2K4zLZsdmxUWbyRyEVeg1nZHZkfFF2EImdC5hzYkUq39NpsMNpnadxYbfEAvp8ohiZWNfdCCIlLevVu%2BMNpK5J0AiIBup56gervdvWTAHdaBluKb%2Fm2%2BcoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://friends.rewardful.com/packs/rw.js
cache-control
max-age=3600
cf-ray
895fa2ab3e98a064-FRA
content-length
167
expires
Wed, 19 Jun 2024 02:09:44 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://affiliates.1stmillion.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:47:47 GMT
x-content-type-options
nosniff
age
37317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:47:47 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://affiliates.1stmillion.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:56:54 GMT
x-content-type-options
nosniff
age
36770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:56:54 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://affiliates.1stmillion.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:41:04 GMT
x-content-type-options
nosniff
age
37720
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:41:04 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame F8AB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-113.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://affiliates.1stmillion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3126
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 19 Jun 2024 00:17:41 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Thu, 30 May 2024 20:04:59 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b166ca183629eada7c88ffe6bf8562a2.cloudfront.net (CloudFront)
x-amz-cf-id
CgcU-tfX56ziJDpu4y23RdjOh8bKtmXn7NvbuWOKD5qhEpXJsplv4Q==
x-amz-cf-pop
FRA56-P11
x-cache
Hit from cloudfront
x-content-type-options
nosniff
recaptcha__de.js
www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/ 		518 KB
206 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaLoaded&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d865eecf3e86c11ab224434aecb84384c87cd8e52f5f0d5fb2f9b5291eab8578
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://affiliates.1stmillion.com/
Origin
https://affiliates.1stmillion.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:50:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
210217
x-xss-protection
0
last-modified
Mon, 10 Jun 2024 16:44:59 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jun 2025 14:50:04 GMT
anchor
www.google.com/recaptcha/api2/ Frame A96F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfMocMUAAAAAFPlLsVDnIDUYSJh93KK_2VcAlnj&co=aHR0cHM6Ly9hZmZpbGlhdGVzLjFzdG1pbGxpb24uY29tOjQ0Mw..&hl=de&v=TqxSU0dsOd2Q9IbI7CpFnJLD&size=normal&cb=asc20i8pegcw
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-g0SGvBTL8wYJyPJxCkbjNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://affiliates.1stmillion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-g0SGvBTL8wYJyPJxCkbjNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 19 Jun 2024 01:09:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame CA06 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=TqxSU0dsOd2Q9IbI7CpFnJLD&k=6LfMocMUAAAAAFPlLsVDnIDUYSJh93KK_2VcAlnj
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-k00FyoDVJUzHNF0SepEgpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://affiliates.1stmillion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-k00FyoDVJUzHNF0SepEgpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 19 Jun 2024 01:09:45 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
22uyb218mmry2rf10ecaq0hcgy8d
s3.amazonaws.com/uploads.getrewardful.com/
Redirect Chain
  • https://affiliates.1stmillion.com/rails/active_storage/representations/redirect/eyJfcmFpbHMiOnsiZGF0YSI6MTI4NjY4LCJwdXIiOiJibG9iX2lkIn19--d12ab12744a1370c53bef3207f54d7fc6e28f138/eyJfcmFpbHMiOnsiZG...
  • https://s3.amazonaws.com/uploads.getrewardful.com/22uyb218mmry2rf10ecaq0hcgy8d?response-content-disposition=inline%3B%20filename%3D%22IMG_2125.jpeg%22%3B%20filename%2A%3DUTF-8%27%27IMG_2125.jpeg&re...
3 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/uploads.getrewardful.com/22uyb218mmry2rf10ecaq0hcgy8d?response-content-disposition=inline%3B%20filename%3D%22IMG_2125.jpeg%22%3B%20filename%2A%3DUTF-8%27%27IMG_2125.jpeg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAI266YNZ4KFDLE2AA%2F20240619%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240619T010945Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=622e48a9571ef91cff9f96d1a9471caf5d48c06d1ce9fd645d3fbe97db2d8eb3
Protocol
HTTP/1.1
Server
52.216.251.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
112a043a9412e8bc5294ad2c90d26aa416620baa667e0a43c1c2102447a22b0d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://affiliates.1stmillion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 19 Jun 2024 01:09:46 GMT
Last-Modified
Tue, 18 Jun 2024 05:32:18 GMT
Server
AmazonS3
x-amz-request-id
X2P7QE5S868Q7E0G
ETag
"7f091d185b42a76c1bf628889f30ea9d"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Content-Disposition
inline; filename="IMG_2125.jpeg"; filename*=UTF-8''IMG_2125.jpeg
Accept-Ranges
bytes
Content-Length
3301
x-amz-id-2
5ooNgJvRzQXf4zoa4xVGFt3U3n7rr8rKuIzDG4meYbmTLEI1FVrAUhUmAOI4A+AsGecpqiJqxnI=

Redirect headers

date
Wed, 19 Jun 2024 01:09:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
via
1.1 vegur
content-length
0
x-xss-protection
0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718759385&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=p99rVO2l4Lu5UtOM7HipdjFJZvR%2BpqkeJEsvhEEkKKM%3D
x-request-id
0a6bd6ac-c13e-4c75-8946-a1f721c46734
x-runtime
0.018768
referrer-policy
strict-origin-when-cross-origin
server
Caddy, Cowboy
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718759385&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=p99rVO2l4Lu5UtOM7HipdjFJZvR%2BpqkeJEsvhEEkKKM%3D"}]}
content-type
text/html; charset=utf-8
location
https://s3.amazonaws.com/uploads.getrewardful.com/22uyb218mmry2rf10ecaq0hcgy8d?response-content-disposition=inline%3B%20filename%3D%22IMG_2125.jpeg%22%3B%20filename%2A%3DUTF-8%27%27IMG_2125.jpeg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAI266YNZ4KFDLE2AA%2F20240619%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240619T010945Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=622e48a9571ef91cff9f96d1a9471caf5d48c06d1ce9fd645d3fbe97db2d8eb3
cache-control
max-age=300, private

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 undefined| event object| fence object| sharedStorage object| dataLayer object| _rollbarConfig object| _rollbarShims object| _rollbarWrappedError function| _rollbarURH object| Rollbar function| rollbar number| _rollbarStartTime boolean| _rollbarDidLoad boolean| _rollbarInitialized object| webpackChunkStripeJSouter function| noop function| Stripe object| webpackJsonp object| regeneratorRuntime object| Turbo object| Trix number| uidEvent function| flatpickr object| Stimulus function| $ boolean| _rails_loaded function| recaptchaLoaded object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data object| recaptcha object| closure_lm_944206 boolean| _rewardful_loaded function| Rewardful function| rewardful

6 Cookies

Domain/Path Name / Value
affiliates.1stmillion.com/ Name: _rewardful_session
Value: 2zcADtQEacbX%2BqjpBLvx%2FoTDutxZEOxtmnPtTShZlXWDHEbOKBS0ElyNGdc5tkHGXZRHf5c3DNisJKNVeqYiZt3UXFwg2YIcocXhnTaGNX1xIsAH3Bpjlt2y5V%2FkHTMbkWMN2gRlvCISxyiBtUhrJz%2BkUwh4dkTx%2BDhoN7WOgj2dNqpTpoDRQEiicl6%2FI8FUC4XwOm2rfx6CPATHcjfIP7eBvncxOWj%2BCUN3qO0flBS3koWxyVYGkBQeJvkaC%2BPmR6pOjA%2FlQotVm85FV4Y5DMClO4XrFtpUZ5V%2Fe1UqaaI3lw9H98nzlDYtqBcwkHDamdHVwryrllcYwuG5JI7NlJMEzWCo1nibemIMkIEVbi6peYS%2FQEgCgRY77sJ9tFPQ4p7Li7MKmYMAaGsPH8heV4gV%2FQgDWF%2FRzTp%2BQ56StK468T2MiMTLjpqLsw0HVocZ00wPTXLsOlt5uZ7H%2FtCZOzSmALY6yuXBPIAphomtpbpTIu8fWJ0olcAm0qk3MZZ8hnTJGSNSPZ2wgjpmv%2B9CN547EH%2FB9w%3D%3D--0yO%2FZuijSaYHqqgd--G6eSFoVUpanC2wC48qr9Cw%3D%3D
.1stmillion.com/ Name: initialTrafficSource
Value: utmcsr=(direct)|utmcmd=(none)|utmccn=(not set)|date=2024-06-19T01:09:44.882Z|lp=https://affiliates.1stmillion.com/signup
.1stmillion.com/ Name: __utmzzses
Value: 1
m.stripe.com/ Name: m
Value: dddc08ee-0b96-4d99-88c0-647b5f23fad4ddd3ae
.affiliates.1stmillion.com/ Name: __stripe_mid
Value: 031ab1c8-8f25-45ee-8187-7fed18afa537e79d72
.affiliates.1stmillion.com/ Name: __stripe_sid
Value: 32a04d50-b8a9-4b79-9beb-68f708f176eb3d9d0d

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affiliates.1stmillion.com
cdn.getrewardful.com
cdn.rollbar.com
fonts.googleapis.com
fonts.gstatic.com
friends.getrewardful.com
friends.rewardful.com
js.stripe.com
s3.amazonaws.com
www.google.com
www.googletagmanager.com
www.gstatic.com
13.33.187.40
161.35.235.194
18.244.18.113
2600:9000:2644:4e00:18:6def:d0c0:93a1
2606:4700:20::ac43:4687
2a00:1450:4001:800::2003
2a00:1450:4001:808::2003
2a00:1450:4001:812::2004
2a00:1450:4001:812::200a
2a00:1450:4001:82f::2008
52.216.251.126
040f9da5193bdde42e5cfc7a7b7d4e781ba746d0a5ce54ebefc219c6b03b9ef7
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
112a043a9412e8bc5294ad2c90d26aa416620baa667e0a43c1c2102447a22b0d
1b9a4094edcde432bae226e2bc3db40d209a0df5254c3be8ac46195262ca64ae
371daf159ddbf1183fd4853dc7061ff37eb0c4e3f5f68b0f2a696f018c5d038e
41764f6cf1cfa99fad12f1ee265ea0bb292761f6b15d1f5432756524854cd77f
694e96879889c58b4b8c4b33735f065a38c428feb61529b608c2da2a143531ae
7129f31301880a888b36f5dea00384894176fe40a7f70cd2ffac5d55b5f889bc
85dc49d61207152489a07abc406c94a654881ef55fd477cb03b50395239394ff
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a51e43e8049134642e9b12276266fc8b1a83119bfcbdd9165612771bbc924c12
b64431320e0dfa11c71514611175f31efb3c7a91bebe0b9ef475ef93342b78ad
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d865eecf3e86c11ab224434aecb84384c87cd8e52f5f0d5fb2f9b5291eab8578
f17f46eed7b8b17b13efc69be3006fdba006ce6cb08fb83b21b52e45b8a5f7eb