Submitted URL: http://earyonemilimore.icu/
Effective URL: https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Submission: On April 25 via manual from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 15 HTTP transactions. The main IP is 18.66.147.106, located in United States and belongs to AMAZON-02, US. The main domain is lander.fridayplans.com. The Cisco Umbrella rank of the primary domain is 631238.
TLS certificate: Issued by Amazon RSA 2048 M03 on January 22nd 2024. Valid for: a year.
This is the only time lander.fridayplans.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 4 35.157.49.161 16509 (AMAZON-02)
9 18.66.147.106 16509 (AMAZON-02)
1 23.59.65.108 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
2 34.117.186.192 396982 (GOOGLE-CL...)
15 6
Apex Domain | Subdomains | Transfer
9 fridayplans.com | lander.fridayplans.com — Cisco Umbrella Rank: 631238 | 397 KB
3 friday.quest | friday.quest | 1 KB
2 ipinfo.io | ipinfo.io — Cisco Umbrella Rank: 7609 | 1 KB
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 767 | 88 KB
1 googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 363 | 31 KB
1 convertexperiments.com | cdn-3.convertexperiments.com — Cisco Umbrella Rank: 26012 | 68 KB
1 earyonemilimore.icu | earyonemilimore.icu | 202 B
15 7
Domain Requested by
9 lander.fridayplans.com lander.fridayplans.com
3 friday.quest 2 redirects lander.fridayplans.com
2 ipinfo.io code.jquery.com
1 code.jquery.com lander.fridayplans.com
1 ajax.googleapis.com lander.fridayplans.com
1 cdn-3.convertexperiments.com lander.fridayplans.com
1 earyonemilimore.icu 1 redirects
15 7

This site contains links to these domains.

Domain
intake.fridayplans.com
members.fridayplans.com
fridayplans.com
Subject | Issuer | Validity | Valid
lander.fridayplans.com | Amazon RSA 2048 M03 | 2024-01-22 - 2025-02-19 | a year
*.convertexperiments.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-11-09 - 2024-11-09 | a year
upload.video.google.com | GTS CA 1C3 | 2024-04-08 - 2024-07-01 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
friday.quest | R3 | 2024-03-21 - 2024-06-19 | 3 months
ipinfo.io | R3 | 2024-04-19 - 2024-07-18 | 3 months

This page contains 1 frames:

Primary Page: https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Frame ID: AB6E711B53CAE79AD67379EE0CD5C25F
Requests: 15 HTTP requests in this frame

Page Title

New Online Pharmacy Program Offers Residents FREE Generic Viagra® Prescription. You Can Check If You Qualify in 2 Minutes.

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 15
HTTPS: 100 %
IPv6: 33 %
Domains: 7
Subdomains: 7
IPs: 6
Countries: 3
Transfer: 584 kB
Size: 817 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://earyonemilimore.icu/ HTTP 307
    https://earyonemilimore.icu/ HTTP 302
    https://friday.quest/f4e55e34-689d-4373-965a-f600a39af31c?d=getfridayplans.com HTTP 307
    https://friday.quest/f4e55e34-689d-4373-965a-f600a39af31c/2?d=getfridayplans.com HTTP 302
    https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request tv.html
lander.fridayplans.com/program/
Redirect Chain
  • http://earyonemilimore.icu/
  • https://earyonemilimore.icu/
  • https://friday.quest/f4e55e34-689d-4373-965a-f600a39af31c?d=getfridayplans.com
  • https://friday.quest/f4e55e34-689d-4373-965a-f600a39af31c/2?d=getfridayplans.com
  • https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
15 KB
6 KB
Document
General
Full URL
https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-106.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
b5f9f361c2829dfbfb586ee8b469ec54e8831f7e1ed0bba0ba7ef4fb85223dc3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
max-age=600
content-encoding
br
content-type
text/html
date
Thu, 25 Apr 2024 13:10:27 GMT
server
nginx
strict-transport-security
max-age=63072000
vary
Accept-Encoding
via
1.1 b81e506afc0d8b7cd6094e636331ca78.cloudfront.net (CloudFront), 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-cf-id
FRW-p3T-JDHttf7KWpx97yqdB8V4rSb9xSQ8Db9mmkqPIBN8z22JOQ==
x-amz-cf-pop
FRA56-P8 FRA60-P4
x-bz-client-unauthorized-to-read
X-Bz-File-Retention-Mode,X-Bz-File-Retention-Retain-Until-Timestamp,X-Bz-File-Legal-Hold
x-bz-content-sha1
unverified:66b183b451d04001720510f2f9701939f7bfd53b
x-bz-file-id
4_z7643bb2a8a208bf27e570a14_f108c90c2ed888525_d20240417_m221810_c000_v0001403_t0005_u01713392290520
x-bz-file-name
Foreveryoung.club/google-lander-1/program/tv.html
x-bz-upload-timestamp
1713392290520
x-cache
Miss from cloudfront

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Thu, 25 Apr 2024 13:10:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
pragma
no-cache
server
nginx
style.css
lander.fridayplans.com/program/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://lander.fridayplans.com/program/css/style.css?v=6
Requested by
Host: lander.fridayplans.com
URL: https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-106.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
8a1f7af09758bac9d77d852433bcbf7de5a267446ae15c03d4f0c5c5f7a3474e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 13:10:27 GMT
strict-transport-security
max-age=63072000
via
1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront), 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
content-encoding
br
x-bz-file-id
4_z7643bb2a8a208bf27e570a14_f101e72f3b7f8e517_d20220330_m160226_c000_v0001060_t0019_u01648656146273
x-amz-cf-pop
FRA56-P8, FRA60-P4
x-bz-content-sha1
unverified:35131d1c312ebbd7308facf7bb6a47a93257b07a
x-cache
Miss from cloudfront
x-bz-file-name
Foreveryoung.club/google-lander-1/program/css/style.css
x-bz-upload-timestamp
1648656146273
server
nginx
x-bz-client-unauthorized-to-read
X-Bz-File-Retention-Mode,X-Bz-File-Retention-Retain-Until-Timestamp,X-Bz-File-Legal-Hold
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=600
x-amz-cf-id
0jtosQPoWYiqj8Oo3JpgZpOhfpz8pB2GWtrMp2tKkPBzZzIJayJOkQ==
10005721-10006415.js
cdn-3.convertexperiments.com/js/
222 KB
68 KB
Script
General
Full URL
https://cdn-3.convertexperiments.com/js/10005721-10006415.js
Requested by
Host: lander.fridayplans.com
URL: https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.59.65.108 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-59-65-108.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
51205f781ca22341f7c3d75d5f2a5619522d546591eeabc49cce3490ea1181c5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lander.fridayplans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 13:10:27 GMT
content-encoding
gzip
cache-control
public, max-age=291
strict-transport-security
max-age=15768000
x-privacy-policy
You can find our privacy policy at https://www.convert.com/privacy-notice/
vary
Accept-Encoding
content-type
application/javascript
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: lander.fridayplans.com
URL: https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lander.fridayplans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 10:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Apr 2025 10:14:53 GMT
1649741569logo-2.png
lander.fridayplans.com/program/img/
17 KB
18 KB
Image
General
Full URL
https://lander.fridayplans.com/program/img/1649741569logo-2.png
Requested by
Host: lander.fridayplans.com
URL: https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-106.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
4ad50e8e1a44d06befc1718d985bc4e6fda67988d92e8d16ae8eab1294b8c5d0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 13:10:27 GMT
strict-transport-security
max-age=63072000
via
1.1 f99e0a5708c6297d4aa91b3e4794707e.cloudfront.net (CloudFront), 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-bz-file-id
4_z7643bb2a8a208bf27e570a14_f111d4d6352570b40_d20220412_m213056_c000_v0001052_t0048_u01649799056430
x-amz-cf-pop
FRA56-P8, FRA60-P4
x-bz-content-sha1
unverified:c4f89ca6d444ca48dff3cddeb0a5bdabe4ae2b63
x-cache
Miss from cloudfront
x-bz-file-name
Foreveryoung.club/google-lander-1/program/img/1649741569logo-2.png
content-length
17553
x-bz-upload-timestamp
1649799056430
server
nginx
x-bz-client-unauthorized-to-read
X-Bz-File-Retention-Mode,X-Bz-File-Retention-Retain-Until-Timestamp,X-Bz-File-Legal-Hold
content-type
image/png
cache-control
max-age=600
accept-ranges
bytes
x-amz-cf-id
cxtim3gvi1b5cUHPxBoA_OJ9-EbJJWFXpUEyDNkrijoHF_UeBamhig==
1697707391author-stars.png
lander.fridayplans.com/program/img/
5 KB
6 KB
Image
General
Full URL
https://lander.fridayplans.com/program/img/1697707391author-stars.png
Requested by
Host: lander.fridayplans.com
URL: https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-106.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
69e93f62f50d3dbe09dfdec1ee018bdc5cff5dba4da26b55f1b72c389a1977fa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 13:10:28 GMT
strict-transport-security
max-age=63072000
via
1.1 74cd4e6bd806cc7209ac94e0173f5ac8.cloudfront.net (CloudFront), 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-bz-file-id
4_z7643bb2a8a208bf27e570a14_f109e2bfd26da5c81_d20231023_m171419_c000_v0001411_t0050_u01698081259669
x-amz-cf-pop
FRA56-P8, FRA60-P4
x-bz-content-sha1
unverified:010f66af665cd4f5c24aec16c4b6bf4b41d13c43
x-cache
Miss from cloudfront
x-bz-file-name
Foreveryoung.club/google-lander-1/program/img/1697707391author-stars.png
content-length
4954
x-bz-upload-timestamp
1698081259669
server
nginx
x-bz-client-unauthorized-to-read
X-Bz-File-Retention-Mode,X-Bz-File-Retention-Retain-Until-Timestamp,X-Bz-File-Legal-Hold
content-type
image/png
cache-control
max-age=600
accept-ranges
bytes
x-amz-cf-id
RkBV3-cxUneiTwbpMARWfcfSA1YF7rRXtNu6D_jecazNzV1VPbbcNw==
ava1.png
lander.fridayplans.com/program/img/
3 KB
4 KB
Image
General
Full URL
https://lander.fridayplans.com/program/img/ava1.png
Requested by
Host: lander.fridayplans.com
URL: https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-106.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
8293ff8e217f70c3af370b2dabd01e1db1b444e7ffb42a785e0817e9b910f8fa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 13:04:46 GMT
strict-transport-security
max-age=63072000
via
1.1 5dbbe1c6db9a003131a63be8ded250a4.cloudfront.net (CloudFront), 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-bz-file-id
4_z7643bb2a8a208bf27e570a14_f117dd30512ff2924_d20240417_m221628_c000_v0001413_t0004_u01713392188346
x-amz-cf-pop
FRA56-P8, FRA60-P4
age
341
x-bz-content-sha1
unverified:0d6c876b0d1dbc28a6382440219b122b34d5596c
x-cache
Hit from cloudfront
x-bz-file-name
Foreveryoung.club/google-lander-1/program/img/ava1.png
content-length
3116
x-bz-upload-timestamp
1713392188346
server
nginx
x-bz-client-unauthorized-to-read
X-Bz-File-Retention-Mode,X-Bz-File-Retention-Retain-Until-Timestamp,X-Bz-File-Legal-Hold
content-type
image/png
cache-control
max-age=600
accept-ranges
bytes
x-amz-cf-id
AXm0K48LQsfKePBPI0ZJR79usIPBjxt9EtqbZNBym9jhd2vvVYN1dQ==
header-min.jpg
lander.fridayplans.com/program/img/
188 KB
189 KB
Image
General
Full URL
https://lander.fridayplans.com/program/img/header-min.jpg
Requested by
Host: lander.fridayplans.com
URL: https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-106.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
4ccaff775ba0097b2249ad4a4457f874d2ec2ed868d22afa51dcbdfad90f8468
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 13:10:27 GMT
strict-transport-security
max-age=63072000
via
1.1 7b85fc567b776c0d31c5ac07cc6c2ae6.cloudfront.net (CloudFront), 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-bz-file-id
4_z7643bb2a8a208bf27e570a14_f11425e4fe56d6677_d20240321_m150952_c000_v0001407_t0051_u01711033792147
x-amz-cf-pop
FRA56-P8, FRA60-P4
x-bz-content-sha1
unverified:5067989aa3b669f3fb7ff7220ae00b1b4e81c299
x-cache
Miss from cloudfront
x-bz-file-name
Foreveryoung.club/google-lander-1/program/img/header-min.jpg
content-length
192909
x-bz-upload-timestamp
1711033792147
server
nginx
x-bz-client-unauthorized-to-read
X-Bz-File-Retention-Mode,X-Bz-File-Retention-Retain-Until-Timestamp,X-Bz-File-Legal-Hold
content-type
image/jpeg
cache-control
max-age=600
accept-ranges
bytes
x-amz-cf-id
VuCucypQK8gQtcuwORZMWK84EuqDZSIzXLhr4tw5hCdm3dX5i3R9gg==
1697715438receipt-image-2.jpg
lander.fridayplans.com/program/img/
150 KB
151 KB
Image
General
Full URL
https://lander.fridayplans.com/program/img/1697715438receipt-image-2.jpg
Requested by
Host: lander.fridayplans.com
URL: https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-106.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
789d295c5729ba5457cc93d737f79e6d1c558ad5b92852b1a70dbeae56d65dc5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 13:10:28 GMT
strict-transport-security
max-age=63072000
via
1.1 d8ec42efeb409ac816e90eb0236c1f4a.cloudfront.net (CloudFront), 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-bz-file-id
4_z7643bb2a8a208bf27e570a14_f104b009e9ab1bc62_d20231023_m171419_c000_v0001074_t0013_u01698081259722
x-amz-cf-pop
FRA56-P8, FRA60-P4
x-bz-content-sha1
unverified:36c0b6c4f0beb4dd1c8ab1f3bfe32e53ce510a55
x-cache
Miss from cloudfront
x-bz-file-name
Foreveryoung.club/google-lander-1/program/img/1697715438receipt-image-2.jpg
content-length
153500
x-bz-upload-timestamp
1698081259722
server
nginx
x-bz-client-unauthorized-to-read
X-Bz-File-Retention-Mode,X-Bz-File-Retention-Retain-Until-Timestamp,X-Bz-File-Legal-Hold
content-type
image/jpeg
cache-control
max-age=600
accept-ranges
bytes
x-amz-cf-id
avy-TZHLN4J3Re_tjFSWneW6jtW8-3vsnPR_yIfppNlYWfHzto8C1A==
jquery-3.6.0.min.js
code.jquery.com/
87 KB
88 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: lander.fridayplans.com
URL: https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lander.fridayplans.com/
Origin
https://lander.fridayplans.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 13:10:27 GMT
via
1.1 varnish, 1.1 varnish
age
97108
x-cache
HIT, HIT
content-length
89501
x-served-by
cache-lga21931-LGA, cache-cph2320049-CPH
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1714050628.965569,VS0,VE0
etag
"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
237, 8620
safety.js
lander.fridayplans.com/program/js/
15 KB
5 KB
Script
General
Full URL
https://lander.fridayplans.com/program/js/safety.js?v=6
Requested by
Host: lander.fridayplans.com
URL: https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-106.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
19f20bbcf11a1ff1e443607cad0ed3868a824ba0d25281c679d6c84dd194edf4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 13:10:28 GMT
strict-transport-security
max-age=63072000
via
1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront), 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
content-encoding
br
x-bz-file-id
4_z7643bb2a8a208bf27e570a14_f115cd2995266fb42_d20240408_m150359_c000_v0001081_t0053_u01712588639198
x-amz-cf-pop
FRA56-P8, FRA60-P4
x-bz-content-sha1
unverified:84219be8e3da47c995306c49b32bac6f366c9655
x-cache
Miss from cloudfront
x-bz-file-name
Foreveryoung.club/google-lander-1/program/js/safety.js
x-bz-upload-timestamp
1712588639198
server
nginx
x-bz-client-unauthorized-to-read
X-Bz-File-Retention-Mode,X-Bz-File-Retention-Retain-Until-Timestamp,X-Bz-File-Legal-Hold
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
x-amz-cf-id
weFLSpKrPCCZbfEG6OWqw9C58thL0jI6VK9om_xzCR7peg-BwpB4sA==
conversion.gif
friday.quest/
43 B
194 B
Image
General
Full URL
https://friday.quest/conversion.gif?et=0001&cid=wh2aulksgipc7dr03mv8erba
Requested by
Host: lander.fridayplans.com
URL: https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.49.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-49-161.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lander.fridayplans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 25 Apr 2024 13:10:28 GMT
cache-control
no-store, no-cache, pre-check=0, post-check=0
server
nginx
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
json
ipinfo.io/
368 B
671 B
XHR
General
Full URL
https://ipinfo.io/json?token=5c9082470d0ca4
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.186.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.186.117.34.bc.googleusercontent.com
Software
nginx/1.24.0 /
Resource Hash
fbd74624d8df1fdded7667314b90692bbe1e13b4c3174ad62a26fbe1f1bfafbd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
*/*
Referer
https://lander.fridayplans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 13:10:28 GMT
via
1.1 google
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.24.0
strict-transport-security
max-age=2592000; includeSubDomains
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
368
x-xss-protection
1; mode=block
json
ipinfo.io/
368 B
427 B
XHR
General
Full URL
https://ipinfo.io/json?token=5c9082470d0ca4
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.186.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.186.117.34.bc.googleusercontent.com
Software
nginx/1.24.0 /
Resource Hash
fbd74624d8df1fdded7667314b90692bbe1e13b4c3174ad62a26fbe1f1bfafbd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
*/*
Referer
https://lander.fridayplans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 13:10:28 GMT
via
1.1 google
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.24.0
strict-transport-security
max-age=2592000; includeSubDomains
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
368
x-xss-protection
1; mode=block
favicon.ico
lander.fridayplans.com/program/
15 KB
15 KB
Other
General
Full URL
https://lander.fridayplans.com/program/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-106.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
f835d43994e978b3ade63a68e62d5b61adef41742c282d43515a6702afb34b1c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 13:10:29 GMT
strict-transport-security
max-age=63072000
via
1.1 c63140c3859a31aa195816b9d66d1f2c.cloudfront.net (CloudFront), 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-bz-file-id
4_z7643bb2a8a208bf27e570a14_f102ee17710ab626a_d20220413_m190235_c000_v0001058_t0030_u01649876555622
x-amz-cf-pop
FRA56-P8, FRA60-P4
x-bz-content-sha1
unverified:702679924aad093f8549f5d80d01d979afaf2cda
x-cache
Miss from cloudfront
x-bz-file-name
Foreveryoung.club/google-lander-1/program/favicon.ico
content-length
15086
x-bz-upload-timestamp
1649876555622
server
nginx
x-bz-client-unauthorized-to-read
X-Bz-File-Retention-Mode,X-Bz-File-Retention-Retain-Until-Timestamp,X-Bz-File-Legal-Hold
content-type
image/x-icon
cache-control
max-age=600
accept-ranges
bytes
x-amz-cf-id
MJcwrYPRFxztKcqfmytnYBQRuDQBRF-j5KBZwCp2WZ8sMHbdoWWsVQ==

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| convert_temp
  • undefined| loglyjson
  • object| convertData
  • function| $
  • function| jQuery
  • object| matched
  • function| REED_$
  • object| REED
  • object| convert
  • object| _conv_q
  • object| _gaq
  • function| ga
  • object| dataLayer
  • object| _kmq
  • boolean| globalExecutedTs
  • string| secure
  • function| hj
  • function| gtag
  • string| querystring
  • string| url_string
  • object| url
  • string| c
  • object| _hmt
  • object| _czc
  • object| emosGlobalProperties
  • object| _paq
  • object| _wt1Q

4 Cookies

Domain/Path Name / Value
.friday.quest/ Name: f4e55e34-689d-4373-965a-f600a39af31c-v4
Value: TdZ0JVo-Pxvl8m7TunW8qEWcSejXtp5HnMYt3VxoD1A
.friday.quest/ Name: cc-v4
Value: LUR5LsusnGAXYsm6hFIKO%2F4ylAbxFfJx3UzbsJiO56CSBi9e%2B6BsTb0a6ZH5tcP1JQPQGol9J914SL40l6txd5cWrzBDmojjJtp3fubJIc0cXdG9%2BP94jTmVNUNcefbxtdKWLjyh3ULjXe1oeOGRog%3D%3D
.fridayplans.com/ Name: _conv_v
Value: vi%3A1*sc%3A1*cs%3A1714050628*fs%3A1714050628*pv%3A1
.fridayplans.com/ Name: _conv_s
Value: si%3A1*sh%3A1714050627857-0.47662319092926886*pv%3A1

2 Console Messages

Source Level URL
Text
other warning URL: https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lander.fridayplans.com/program/tv.html?clk=wh2aulksgipc7dr03mv8erba&coupon=WELCOME&src=TVD&type=dr&external=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000