se1.afreegiftforme.com Open in urlscan Pro
144.76.79.19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://se1.afreegiftforme.com/
Effective URL:
https://se1.afreegiftforme.com/start_419.html
Submission: On July 26 via api (July 26th 2023, 1:38:36 pm UTC) from US — Scanned from US

Summary HTTP 42 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 42 HTTP transactions. The main IP is 144.76.79.19, located in Germany and belongs to HETZNER-AS, DE. The main domain is se1.afreegiftforme.com.
TLS certificate: Issued by R3 on July 26th 2023. Valid for: 3 months.

This is the only time se1.afreegiftforme.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	144.76.79.19 144.76.79.19	24940 (HETZNER-AS) (HETZNER-AS)
4	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:80c::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2606:4700:20:... 2606:4700:20::ac43:47b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	178.63.95.88 178.63.95.88	24940 (HETZNER-AS) (HETZNER-AS)
2	2607:f8b0:400... 2607:f8b0:4006:816::2004	15169 (GOOGLE) (GOOGLE)
2	130.0.76.153 130.0.76.153	42442 (ADACOR-AS) (ADACOR-AS)
6	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
1	116.203.25.165 116.203.25.165	24940 (HETZNER-AS) (HETZNER-AS)
4	46.167.166.60 46.167.166.60	() ()
42	12

4 144.76.79.19 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: s1.golead.se

se1.afreegiftforme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80c::200a (Stony Point, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::ac43:47b8 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.63.95.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: s5.golead.systems

mypixel.golead.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2004 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.0.76.153 (Germany)

ASN42442 (ADACOR-AS, DE)
PTR: 130-0-76-153.static.ip.adacor.net

api.sovendus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:820::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.203.25.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.25.203.116.clients.your-server.de

swe-pe.mycleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.167.166.60 (None, )

ASN- ()

identification-api.sovendus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sovendus-connect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
press-tracking-api.sovendus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csp.sovendus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	cleverpush.com static.cleverpush.com — Cisco Umbrella Rank: 17539 api.cleverpush.com	151 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	438 KB
5	sovendus.com api.sovendus.com — Cisco Umbrella Rank: 288875 identification-api.sovendus.com press-tracking-api.sovendus.com csp.sovendus.com	30 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1007 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2775	114 KB
4	afreegiftforme.com 1 redirects se1.afreegiftforme.com	174 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 409 fonts.googleapis.com — Cisco Umbrella Rank: 76	35 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3	2 KB
2	golead.systems mypixel.golead.systems	2 KB
1	sovendus-connect.com www.sovendus-connect.com	15 KB
1	mycleverpush.com swe-pe.mycleverpush.com	27 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 249	1 KB
42	11

	Domain	Requested by
10	static.cleverpush.com	se1.afreegiftforme.com static.cleverpush.com swe-pe.mycleverpush.com
4	api.cleverpush.com	static.cleverpush.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	se1.afreegiftforme.com	1 redirects se1.afreegiftforme.com
2	fonts.gstatic.com	fonts.googleapis.com www.google.com
2	api.sovendus.com	mypixel.golead.systems api.sovendus.com
2	www.google.com	se1.afreegiftforme.com www.gstatic.com
2	mypixel.golead.systems	se1.afreegiftforme.com mypixel.golead.systems
2	fonts.googleapis.com	se1.afreegiftforme.com
2	stackpath.bootstrapcdn.com	se1.afreegiftforme.com stackpath.bootstrapcdn.com
2	maxcdn.bootstrapcdn.com	se1.afreegiftforme.com
1	csp.sovendus.com	se1.afreegiftforme.com
1	press-tracking-api.sovendus.com	api.sovendus.com
1	www.sovendus-connect.com	api.sovendus.com
1	identification-api.sovendus.com	api.sovendus.com
1	swe-pe.mycleverpush.com	static.cleverpush.com
1	cdnjs.cloudflare.com	se1.afreegiftforme.com
1	ajax.googleapis.com	se1.afreegiftforme.com
42	18

This site contains links to these domains. Also see Links.

Domain
www.10optin.com
www.sweden-post.se
www.cmnordic.se
forebygg.se
helaforsakring.se
stjarnerbjudandet.se
www.refunder.se
svenskavinnare.nu
www.vipo.se
www.superlottoclub.com
www.polarlotto.com
tryggsam.se
www.vitaepro.se
vitalplus.se
www.vesteralens.se
www.privacyshield.gov
www.google.de
www.google.com
support.google.com
tools.google.com
cleverpush.com

Subject Issuer	Validity	Valid
se1.afreegiftforme.com R3	`2023-07-26` - `2023-10-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
cleverpush.com E1	`2023-07-10` - `2023-10-08`	3 months	crt.sh
mypixel.golead.systems R3	`2023-07-07` - `2023-10-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.sovendus.com GeoTrust TLS RSA CA G1	`2022-10-11` - `2023-10-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.mycleverpush.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-14` - `2024-06-13`	a year	crt.sh
*.sovendus-connect.com R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://se1.afreegiftforme.com/start_419.html
Frame ID: 23DE4AF9F4085DD2305B526C6EB23500
Requests: 30 HTTP requests in this frame

Frame: https://swe-pe.mycleverpush.com/iframe?origin=https%3A%2F%2Fse1.afreegiftforme.com
Frame ID: 0A1B2BDCA0C2EFA51B0167E440CAB390
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfYqDUiAAAAAIQh7rVa9ggcptTFrHjVMLlnECig&co=aHR0cHM6Ly9zZTEuYWZyZWVnaWZ0Zm9ybWUuY29tOjQ0Mw..&hl=en&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&cb=u03ab93pb09z
Frame ID: 8894173FABC60F4915A2A7C5E2565493
Requests: 5 HTTP requests in this frame

Frame: https://www.sovendus-connect.com/banner/api/banner?timestamp=%201690378686&publisherId=419&trafficMediumNumber=2&trafficSourceNumber=5851&sovToken=R6PWtQqV8TisxsvAJMI5rXHMwlTgdsTQjhZQrYuXo4Y18S3zbPNhbz3GpzVtv3uRrr7ijPTbPXOUDbYx5nGA1Rp39rO1kw2HhpT-N30&sessionUuid=e0e16957-9086-4c7e-8642-71a24beb67bf&format=ssr&identifier=ident_3486725282654355&sessionId=45e6e23ada700e3dbcbda9680040d1be&processInstanceUuid=24a8f599-a458-54f4-9e9c-840f8ee4596a
Frame ID: 451654B7540BD15CF805177707BF3AE8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Grattis!

Page URL History Show full URLs

https://se1.afreegiftforme.com/ HTTP 302
https://se1.afreegiftforme.com/start_419.html Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

42
Requests

100 %
HTTPS

55 %
IPv6

11
Domains

18
Subdomains

12
IPs

2
Countries

988 kB
Transfer

2320 kB
Size

2
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://www.10optin.com/privacy-policy/
Title: https://www.10optin.com/privacy-policy/

Search URL Search Domain Scan URL

URL: http://www.sweden-post.se/
Title: http://www.sweden-post.se/

Search URL Search Domain Scan URL

URL: http://www.cmnordic.se/privacy_policy_cmnordic.pdf
Title: http://www.cmnordic.se/privacy_policy_cmnordic.pdf

Search URL Search Domain Scan URL

URL: https://forebygg.se/privacy/
Title: https://forebygg.se/privacy/

Search URL Search Domain Scan URL

URL: https://helaforsakring.se/policies/information-om-personuppgiftsbehandling
Title: helaforsakring.se/policies/information-om-personuppgiftsbehandling

Search URL Search Domain Scan URL

URL: https://stjarnerbjudandet.se/index.php/gdpr-compliant-privacy-policy
Title: www.stjarnerbjudandet.se/index.php/gdpr-compliant-privacy-policy

Search URL Search Domain Scan URL

URL: https://www.refunder.se/
Title: https://www.refunder.se/#

Search URL Search Domain Scan URL

URL: http://svenskavinnare.nu/privacypolicysweden.html
Title: www.svenskavinnare.nu/privacypolicysweden.html

Search URL Search Domain Scan URL

URL: https://www.vipo.se/kontakt#integritetspolicy
Title: https://www.vipo.se/kontakt#integritetspolicy

Search URL Search Domain Scan URL

URL: https://www.superlottoclub.com/privacy-policy
Title: https://www.superlottoclub.com/privacy-policy

Search URL Search Domain Scan URL

URL: https://www.polarlotto.com/integritetspolicy.pdf
Title: https://www.polarlotto.com/integritetspolicy.pdf

Search URL Search Domain Scan URL

URL: https://tryggsam.se/privacy
Title: https://tryggsam.se/privacy

Search URL Search Domain Scan URL

URL: https://www.vitaepro.se/kundservice/personuppgifter/
Title: https://www.vitaepro.se/kundservice/personuppgifter/

Search URL Search Domain Scan URL

URL: https://vitalplus.se/personuppgiftspolicy/
Title: www.vitalplus.se/content/personuppgiftspolicy

Search URL Search Domain Scan URL

URL: https://www.vesteralens.se/personuppgiftspolicy/
Title: https://www.vesteralens.se/personuppgiftspolicy/

Search URL Search Domain Scan URL

URL: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
Title: (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active)

Search URL Search Domain Scan URL

URL: http://www.google.de/intl/de/policies/privacy/?hl=de
Title: http://www.google.de/intl/de/policies/privacy/?hl=de

Search URL Search Domain Scan URL

URL: https://www.google.com/policies/privacy/partners/?hl=de
Title: https://www.google.com/policies/privacy/partners/?hl=de

Search URL Search Domain Scan URL

URL: https://support.google.com/analytics/answer/6004245?hl=de
Title: https://support.google.com/analytics/answer/6004245?hl=de

Search URL Search Domain Scan URL

URL: http://tools.google.com/dlpage/gaoptout?hl=de
Title: http://tools.google.com/dlpage/gaoptout?hl=de

Search URL Search Domain Scan URL

URL: http://www.google.de/intl/de/policies/privacy/
Title: http://www.google.de/intl/de/policies/privacy/

Search URL Search Domain Scan URL

URL: https://www.google.com/policies/privacy/
Title: https://www.google.com/policies/privacy/

Search URL Search Domain Scan URL

URL: https://cleverpush.com/
Title: Powered by CleverPush

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://se1.afreegiftforme.com/ HTTP 302
https://se1.afreegiftforme.com/start_419.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request start_419.html Show response
se1.afreegiftforme.com/
Redirect Chain

https://se1.afreegiftforme.com/
https://se1.afreegiftforme.com/start_419.html

122 KB
29 KB

289ms
286ms

Document
text/html

144.76.79.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://se1.afreegiftforme.com/start_419.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.79.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.golead.se
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 35765eec1f2cb48fbc9f884dbb8ea343dece499d161894b29756a801ad49ba11

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 29261
Content-Type: text/html; charset=UTF-8
Date: Wed, 26 Jul 2023 13:38:06 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=99
Pragma: no-cache
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 26 Jul 2023 13:38:06 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.29 (Ubuntu)
location: https://se1.afreegiftforme.com/start_419.html

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 601ms
59ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: se1.afreegiftforme.com
URL: https://se1.afreegiftforme.com/start_419.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.afreegiftforme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:38:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 674, 617, 617
age: 16223714
cdn-cachedat: 2021-06-08 15:06:10
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: f812051ffe4aeaf8770b63992348322f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7ecd0a8d3f5d21d9-MIA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 618ms
76ms Script
text/javascript 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: se1.afreegiftforme.com
URL: https://se1.afreegiftforme.com/start_419.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.afreegiftforme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 06:57:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jul 2024 06:57:23 GMT

GET
H2 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.0/ 1 KB
1 KB 586ms
44ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.0/jquery.cookie.min.js

Requested by

Host: se1.afreegiftforme.com
URL: https://se1.afreegiftforme.com/start_419.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a63ad5db399cbf133df4954868d069a0438e0f43082a25b09bd884deb1fe77c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.afreegiftforme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 601040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 580
last-modified: Thu, 22 Jun 2023 11:06:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b19-244"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmzInmzo%2BRzXBVe4aSbXhnRjFoz3cGAWEFc91ezYwri%2FfmKvblQqqL6r0k3L%2BDUMOkdfMA8U%2FoCKgpx4SY8j%2F8DcbM9vXW8kb%2BvjIzMoS7T9idCg73qHlsNa029C9jOxpGv7s0wvo20wi0nMTYBoSTxy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ecd0a8d39208da3-MIA
expires: Mon, 15 Jul 2024 13:38:07 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 588ms
46ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: se1.afreegiftforme.com
URL: https://se1.afreegiftforme.com/start_419.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.afreegiftforme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:38:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 871
age: 4906861
cdn-cachedat: 03/12/2022 18:02:15
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"5869c96cc8f19086aee625d670d741f9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
access-control-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: d29955e88c31f99d00a69293254d6853
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7ecd0a8d3f5e21d9-MIA
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 628ms
86ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: se1.afreegiftforme.com
URL: https://se1.afreegiftforme.com/start_419.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://se1.afreegiftforme.com/
Origin: https://se1.afreegiftforme.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:38:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cdn-edgestorageid: 625
cdn-cachedat: 06/12/2023 20:15:48
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 42a13d5a5d15ea5e6468a0bad86ace8b
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7ecd0a8d38412286-MIA
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 417 B
729 B 632ms
91ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Patua+One&display=swap

Requested by

Host: se1.afreegiftforme.com
URL: https://se1.afreegiftforme.com/start_419.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6562ea200bcbe751f7f8a091a6d26f190756e4f44a49a6c8c69cdb3e37ca613f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.afreegiftforme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Jul 2023 13:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 13:30:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jul 2023 13:38:07 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
860 B 652ms
111ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:100,300,400,500,700

Requested by

Host: se1.afreegiftforme.com
URL: https://se1.afreegiftforme.com/start_419.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

940a2780647ad473c6d299a32d22b5adea4ac667fd3adcf46cfe8441dbdaeba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.afreegiftforme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Jul 2023 13:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 13:38:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jul 2023 13:38:07 GMT

GET
H2 200 cT248fsBnsww5uqef.js Show response
static.cleverpush.com/channel/loader/ 215 KB
55 KB 1011ms
910ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/channel/loader/cT248fsBnsww5uqef.js
Requested by: Host: se1.afreegiftforme.com
URL: https://se1.afreegiftforme.com/start_419.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce88d4544ef3f7bdc2ea36de169a1e364b0f11a19b629c89661ca348a7501317

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.afreegiftforme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:38:08 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: NZR2E34958TY76Y8
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 0yFWWhrqJ63Ay6NpCwndCptVfwYqqMqszwvlXnWU1jh5LEgBmWojnDEmOmOqYe75I6wUFod0orw=
last-modified: Tue, 25 Jul 2023 00:02:39 GMT
server: cloudflare
etag: W/"7d2a875358e9b9a1dd699891ca7794f7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hR3yEJHGQoQqyFz5Ss%2B2V2obiGxMN8MSi3pie8WIXcQOSJUPsPh4Gzf6Br5Ou9gPYpW4aRX0tofRFVhz%2FhwBpmChh5smWTOkWmDRc62Qd5wRSKgNziTvX2cJWFI4dE10MRTso96%2Fhn0ZWrHm0vDZnDMC8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=21600
cf-ray: 7ecd0a8eff4109d2-MIA

GET
H/1.1 200
OK desktop,se,banner.jpg
se1.afreegiftforme.com/media/adresseManager/microSiteImg/419/ 143 KB
143 KB 172ms
168ms Image
image/jpeg 144.76.79.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se1.afreegiftforme.com/media/adresseManager/microSiteImg/419/desktop,se,banner.jpg
Requested by: Host: se1.afreegiftforme.com
URL: https://se1.afreegiftforme.com/start_419.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.79.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.golead.se
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f48b19853639a57fddad900cbdd96b50cbeef52114a51aae0c38ef7b296ff71f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.afreegiftforme.com/start_419.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 26 Jul 2023 13:38:08 GMT
Last-Modified: Wed, 26 Jul 2023 13:05:20 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "23c66-601637ffbd910"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 146534

GET
H/1.1 200
OK script.js Show response
mypixel.golead.systems/ 1005 B
900 B 950ms
173ms Script
application/javascript 178.63.95.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mypixel.golead.systems/script.js
Requested by: Host: se1.afreegiftforme.com
URL: https://se1.afreegiftforme.com/start_419.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.95.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s5.golead.systems
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: ba6a7eb9acf869a02a1f607e569cb9336d863de1addac148cce418a1e63b9c2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.afreegiftforme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 26 Jul 2023 13:38:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 May 2022 05:48:03 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "3ed-5dfbb800bfc1a-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 550

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
904 B 323ms
147ms Script
text/javascript 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfYqDUiAAAAAIQh7rVa9ggcptTFrHjVMLlnECig

Requested by

Host: se1.afreegiftforme.com
URL: https://se1.afreegiftforme.com/start_419.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7e4280561c4c84e46b461197ede83b1c954bc967a8f1ea1179eaa6f55844c28e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.afreegiftforme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 584
x-xss-protection: 1; mode=block
expires: Wed, 26 Jul 2023 13:38:08 GMT

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c72010e02c94dcfe5626eddefc488ecb17590ae2c9e7034f878de6b38ec32f92

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 72ms
71ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://se1.afreegiftforme.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:38:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 975
cdn-cachedat: 09/03/2022 05:37:55
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bdd31eb1f84fc0d37912344b37eeac50
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7ecd0a903b122286-MIA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK script.js Show response
mypixel.golead.systems/1f5/ 3 KB
1 KB 528ms
198ms XHR
application/javascript 178.63.95.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mypixel.golead.systems/1f5/script.js?anrede=&tokenId=6674921&vorname=&nachname=&email=&strasse=&hausnr=&land=&plz=&ort=&telefon=&geburtsDatumDE=&geburtsDatumEN=--&geburtsJahr=&angabeBlacklistTreffer=&idDatensatzKampagne=&idAmKampagne=419&idPartner=&subId=&subIdentifier=&zielseite=adressdata1&medium=desktop&zielseite_medium=adressdata1_desktop&randomMD5=45e6e23ada700e3dbcbda9680040d1be&unixTimestamp=1690378686
Requested by: Host: mypixel.golead.systems
URL: https://mypixel.golead.systems/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.95.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s5.golead.systems
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 201852fc8d1cb080d109f493484aa01c484bd13e5bbc676b62774a3629d9e794

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.afreegiftforme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Jul 2023 13:38:09 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 775
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 flexibleIframe.js Show response
api.sovendus.com/sovabo/common/js/ 3 KB
1 KB 1434ms
145ms Script
application/javascript 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sovendus.com/sovabo/common/js/flexibleIframe.js

Requested by

Host: mypixel.golead.systems
URL: https://mypixel.golead.systems/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

f459e92156f755e550c50481a3ff763fcdcc6640a9aa32aafffec7aafdadfbcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.afreegiftforme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:38:10 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 17 Jul 2023 11:35:28 GMT
server: nginx
etag: W/"64b52780-a73"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/ 434 KB
175 KB 212ms
67ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfYqDUiAAAAAIQh7rVa9ggcptTFrHjVMLlnECig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e34cc28c89135c2b0c670921036fb262a23a9f688337de5e180a404d84d3ea30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://se1.afreegiftforme.com/
Origin: https://se1.afreegiftforme.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 06:21:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178086
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 04:01:30 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 06:21:56 GMT

GET
H/1.1 200
OK select.arrow.png
se1.afreegiftforme.com/custom/ 1 KB
1 KB 168ms
167ms Image
image/png 144.76.79.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se1.afreegiftforme.com/custom/select.arrow.png
Requested by: Host: se1.afreegiftforme.com
URL: https://se1.afreegiftforme.com/start_419.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.79.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.golead.se
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 49c206f904248006e1a6204cf40a9d1976911ee88e4eb4406e9d8783eef4d99c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.afreegiftforme.com/start_419.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 26 Jul 2023 13:38:09 GMT
Last-Modified: Wed, 13 Jan 2021 16:07:43 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "44e-5b8ca56d111c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1102

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 213ms
68ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:100,300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://se1.afreegiftforme.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 23:18:57 GMT
x-content-type-options: nosniff
age: 397152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jul 2024 23:18:57 GMT

GET
H2 200 5.23e89dd51151905cc8a4.js Show response
static.cleverpush.com/sdk/chunk/ 35 KB
10 KB 48ms
46ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/5.23e89dd51151905cc8a4.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cT248fsBnsww5uqef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e75435a58ee65ed40fe8028ee5f3e3b9f7c4aa9109d796a87af045a89e150818

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.afreegiftforme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:38:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C2ZE9DARABY97WMW
age: 15986
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: I25rJbpg82e2snPHCx7AecoYtbkzs6sykHJZZAoJWrQIXY4XTnWTZPJvV/gBDg3pP1h22Oc6vrw=
last-modified: Wed, 26 Jul 2023 09:11:00 GMT
server: cloudflare
etag: W/"3f104177f10e054b2e24824d3570f460"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIuSvXUDFEAvKIGJo9SEP8cMw%2BAElprJuu0rcObDLRrwIyKENJ%2BKy1VrdGk%2F4uJc8qfJX2o0j3YPl4YMqGvv0LfgjyBES1elu%2FtMNLB4YLkzbHHRyCq2XJkdxZtEcSl0kxSV%2FGMWcSxvHoTpwZW0eqgRMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7ecd0a990ac809d2-MIA

GET
H2 200 251.ff5b3c0c290e9961835b.js Show response
static.cleverpush.com/sdk/chunk/ 5 KB
3 KB 44ms
42ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cT248fsBnsww5uqef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.afreegiftforme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:38:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C2Z64YVFP9HY0Y9R
age: 15986
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: k06jtuSVdEzQBal5aG5aou2W2nz3qj++uLtPMIVC+rrGeTnq/KyLiZzc3fMWBdDYgpJzJgEuYeQ=
last-modified: Wed, 26 Jul 2023 09:11:00 GMT
server: cloudflare
etag: W/"e89cddaa8c63cff3a495570a91d5e690"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3EDYFnc2tczbiXANagYEBKhAK6psF76Q3UbmlLNH32vZAmV6iIbs0jLfBpR26tOLNWkw3sn6FuHWNeVrU8WFQBV%2F5eed%2FdVHmspFAtT0pdnTGnkCCkauGx6S13eMsPAH31EDcyWDLV9bT%2BzAi0T7Kib8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7ecd0a990ac909d2-MIA

GET
H2 200 115.e30f3beb9362f27682a4.js Show response
static.cleverpush.com/sdk/chunk/ 14 KB
4 KB 45ms
44ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/115.e30f3beb9362f27682a4.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cT248fsBnsww5uqef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 328af77f45ba2610b978aae9a730705fb736faaad2d92cd9f4fc2afe28bf59d7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.afreegiftforme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:38:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C2Z91BESTBY3CZHH
age: 15986
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: FFGWhNt9hxQuAhk2MSEaGLAT4lhFQ5BuffpThSKWv5X2rFJdYvrJ4eV6yF8DbKhOMPfc6eWruno=
last-modified: Wed, 26 Jul 2023 09:11:00 GMT
server: cloudflare
etag: W/"38a1039a3e5dd94dc9c24d4cd1959496"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KCEuXnCMDAxgEEnfTDHOsd%2FeBUD8Fe1Fzbg37UNZ34nZpoMPhft%2BxpeBpSGCX1xD9KvBtcOpBiG8UkRrWsbVc70v04pLn92aLRAxGvvWwv8Ap7WVw9R6UCNFxOtmGt%2FCXa0fJXThQSE0IZrQ4BIWMU9ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7ecd0a990acc09d2-MIA

GET
H2 200 iframe Show response
swe-pe.mycleverpush.com/ Frame 0A1B 72 KB
27 KB 1126ms
172ms Document
text/html 116.203.25.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://swe-pe.mycleverpush.com/iframe?origin=https%3A%2F%2Fse1.afreegiftforme.com

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

116.203.25.165 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.165.25.203.116.clients.your-server.de

Software

Resource Hash

1c436d0064c598e485626d5a46abdefad4ac988537660960bcce9442ce4bae02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://se1.afreegiftforme.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept
cache-control: public, max-age=1800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 26 Jul 2023 13:38:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-backend-server: cleverpush-worker-2
x-cache-status: HIT
x-robots-tag: noindex

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 8894 7 KB
1 KB 97ms
93ms Document
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfYqDUiAAAAAIQh7rVa9ggcptTFrHjVMLlnECig&co=aHR0cHM6Ly9zZTEuYWZyZWVnaWZ0Zm9ybWUuY29tOjQ0Mw..&hl=en&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&cb=u03ab93pb09z

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4ed0c21f2e5d3d18ee695c6c58843b7a7ae9a718645177de763d7e5b1a4fd160

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nMdj8aWmrk9zLpIIXaNcog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://se1.afreegiftforme.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 1081
content-security-policy: script-src 'report-sample' 'nonce-nMdj8aWmrk9zLpIIXaNcog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 13:38:09 GMT
expires: Wed, 26 Jul 2023 13:38:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/ Frame 8894 55 KB
24 KB 228ms
68ms Stylesheet
text/css 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfYqDUiAAAAAIQh7rVa9ggcptTFrHjVMLlnECig&co=aHR0cHM6Ly9zZTEuYWZyZWVnaWZ0Zm9ybWUuY29tOjQ0Mw..&hl=en&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&cb=u03ab93pb09z

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 18:24:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 04:01:30 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Jul 2024 18:24:33 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/ Frame 8894 434 KB
174 KB 258ms
98ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e34cc28c89135c2b0c670921036fb262a23a9f688337de5e180a404d84d3ea30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 06:21:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178086
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 04:01:30 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 06:21:56 GMT

GET
H2 200 sovendus.js Show response
api.sovendus.com/js/ 83 KB
27 KB 305ms
304ms Script
application/javascript 130.0.76.153
ADACOR-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sovendus.com/js/sovendus.js?v=a5922b27-561c-4afc-ad9e-21f545601fc8

Requested by

Host: api.sovendus.com
URL: https://api.sovendus.com/sovabo/common/js/flexibleIframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.0.76.153 , Germany, ASN42442 (ADACOR-AS, DE),

Reverse DNS

130-0-76-153.static.ip.adacor.net

Software

nginx /

Resource Hash

ae7d31a747dd75c5c00702597859f1ee2cc54f5f9b1a243c5498dbf54f444d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.afreegiftforme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:38:10 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 17 Jul 2023 11:35:28 GMT
server: nginx
etag: W/"64b52780-14d64"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H3 200 5.23e89dd51151905cc8a4.js Show response
static.cleverpush.com/sdk/chunk/ Frame 0A1B 35 KB
10 KB 54ms
53ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/5.23e89dd51151905cc8a4.js
Requested by: Host: swe-pe.mycleverpush.com
URL: https://swe-pe.mycleverpush.com/iframe?origin=https%3A%2F%2Fse1.afreegiftforme.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e75435a58ee65ed40fe8028ee5f3e3b9f7c4aa9109d796a87af045a89e150818

Request headers

accept-language: en-US,en;q=0.9
Referer: https://swe-pe.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:38:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Z3KJB7TV5XZ2RJPT
age: 16010
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 3ZKsdoepTA3vVt8WVe0s3mKjfuyUVmhkBx7We6I27aASfO8SvdmMveqoTektteGHNOrkeaG7O/8=
last-modified: Wed, 26 Jul 2023 09:11:00 GMT
server: cloudflare
etag: W/"3f104177f10e054b2e24824d3570f460"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFEk9V66QhwuqQXsrTIh4fZRkQENBMd4IuFJEZaJF8Rjc12tWBDa7DOCIiXdsDJ8Ao1mp%2BiyjYEPIqnmO4vemf6f9B4vDlSd1RjVK8lplmSbMTGW6zZluUbzbm0YKaUWmR6M2e%2F%2BT0YDxnajlniBpoXzeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7ecd0aa22ce62886-MIA

GET
H3 200 251.ff5b3c0c290e9961835b.js Show response
static.cleverpush.com/sdk/chunk/ Frame 0A1B 5 KB
3 KB 83ms
82ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by: Host: swe-pe.mycleverpush.com
URL: https://swe-pe.mycleverpush.com/iframe?origin=https%3A%2F%2Fse1.afreegiftforme.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

accept-language: en-US,en;q=0.9
Referer: https://swe-pe.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:38:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0D120FP7QKJAFFX3
age: 16008
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 3cBJX2zCGpopxnBB6d1kibSQDQE3CaJbccEWa6YH/Eiyn6crz5Q/4oTCG0iX80DGX03i8SmuWEo=
last-modified: Wed, 26 Jul 2023 09:11:00 GMT
server: cloudflare
etag: W/"e89cddaa8c63cff3a495570a91d5e690"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6NqWwEgUG7A530PykVbrqClpk4PLmmBhogeLyDA4AWARExCCNhqu2wCDDXNDLVi9tTFcsGaEQT4Wzo0v66i0M%2FLRrkpmVX98sYcduNvOm8eBRWiRtud3wDHo3uw%2FskTjubyHKfyV4jGJ96n9dtfcfOHMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7ecd0aa22cec2886-MIA

GET
H3 200 818.a57bf931a2ae72731020.js Show response
static.cleverpush.com/sdk/chunk/ Frame 0A1B 7 KB
3 KB 48ms
47ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/818.a57bf931a2ae72731020.js
Requested by: Host: swe-pe.mycleverpush.com
URL: https://swe-pe.mycleverpush.com/iframe?origin=https%3A%2F%2Fse1.afreegiftforme.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 828d061fc6ee4c45da4fa52015068c44230241d2a9977d85dc7480f106bb8562

Request headers

accept-language: en-US,en;q=0.9
Referer: https://swe-pe.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:38:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TEXNX7XCM8H14AFM
age: 15999
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: yh1BYTEdoEWmFAuseF/sd237xhBf6A7DGrErZfqMSlzCKu+Opf9nMXMTeNml/A2Q3qjDzChs234=
last-modified: Wed, 26 Jul 2023 09:11:01 GMT
server: cloudflare
etag: W/"1e706587e7b34208f748533f72fb63bb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6mV1t3B4uTx9natsIazzs5Uch5KYHqY0lKa9MLUF5mHM67omJW7V5SI3TLSDIdIsKf4EHJhFBzo8t%2BPr6RLzw1PaSF1OSKSFjplhuOmVjLWppOOLW3s702fu0LUwEIja0oahWyBiZFKs10kHzSNUalYRRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7ecd0aa22cee2886-MIA

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 8894 2 KB
2 KB 119ms
118ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 10:27:06 GMT
x-content-type-options: nosniff
age: 357065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 29 Jul 2023 10:27:06 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8894 15 KB
15 KB 97ms
97ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 00:51:47 GMT
x-content-type-options: nosniff
age: 391584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 00:51:47 GMT

POST
H2 200 token Show response
identification-api.sovendus.com/ 601 B
751 B 1134ms
216ms XHR
application/json 46.167.166.60

General

Check archive.org

Show headers Download Go to

Full URL

https://identification-api.sovendus.com/token

Requested by

Host: api.sovendus.com
URL: https://api.sovendus.com/js/sovendus.js?v=a5922b27-561c-4afc-ad9e-21f545601fc8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.167.166.60 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a3f8ae900a60f8116d2017852191edb2c5e465d2b5743d1da0db6591dea85ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://se1.afreegiftforme.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 26 Jul 2023 13:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://se1.afreegiftforme.com
cache-control: no-cache, private
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H3 200 103.b10f0d46d101c9c5c7e2.js Show response
static.cleverpush.com/sdk/chunk/ 96 KB
22 KB 60ms
59ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/103.b10f0d46d101c9c5c7e2.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cT248fsBnsww5uqef.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 540457c838884f5699956bc3204f130c416959c862818719a002ed204cdc0d07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.afreegiftforme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:38:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: D2VSK83ZGE7SQ26Y
age: 16015
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: CG4vr6HY5fPPrccq2NYdR/pcZNBNCUGg1dziLufi/l/1TusFvjXrEMDOSuwrGtDfolQyd7kDtD4=
last-modified: Wed, 26 Jul 2023 09:11:00 GMT
server: cloudflare
etag: W/"63e4acb5b8f0b10288e3e202c59b0bc4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHYULcBOpZoq5rTRoWGChlxppOJt6XRjmI7yNvPjrIv7wfjkjNYDOyC0Ie9dzKzIjzzgV7%2BWXg6QmZIaB2zl%2FjK9woMWKtRh1Qj7vp8fVbkTid2EdmDm35yqn3v7Axp98JkfNMKcEiODuU12rXVS7a%2Bc5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7ecd0aa4a8a62886-MIA

GET
H3 200 720.0bdbfc00d66464030daa.js Show response
static.cleverpush.com/sdk/chunk/ 48 KB
11 KB 55ms
54ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/720.0bdbfc00d66464030daa.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cT248fsBnsww5uqef.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73af61418ca8ea40f925bdd5c5380ee58ca1dc74117b5f9759336570a614aadb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.afreegiftforme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:38:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: D2VPFE6G54W12GX4
age: 16015
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: XTDpI3zozYWA8ndjjG+zwn9PS61dMgz0+M0ZBKupQgIJD8mGk+3pIhRlGQH/cArRERTRgn0NJG8=
last-modified: Wed, 26 Jul 2023 09:11:01 GMT
server: cloudflare
etag: W/"28ec846c537fa018d121178bf42a8c58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYf2GcY11%2FekvgRrS6l0oiFp0T%2BUUn05RWu%2BScq%2FEUB77RDF0k4fVTRH%2BY8HG9Ua7JJiWCPuUPKdTsG9z5rCoupPUxVqlzyrdq0ZzE%2BbXf3PrOtaysIg5Yaf6gbp70lsjes9Y1ltCj%2FWmYPMtpc4iTTJ2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7ecd0aa4a8a72886-MIA

OPTIONS
H2 200 optin-visitor
api.cleverpush.com/channel/ Frame 0
0 518ms
387ms Preflight
application/json 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://se1.afreegiftforme.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7ecd0aa62e6267b4-MIA
content-length: 0
content-type: application/json; charset=utf-8
date: Wed, 26 Jul 2023 13:38:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aez0gOVEZu0R%2BA%2BFNKq09q4vP8uspdcaxv6v4bYXF1%2FZw14yHSERjb%2FRPwXYfdeYZln8WM9dQnPYtLw3LuAT10gwC4Czg00s7%2FBlRfO5QlLg6D17m%2FhzcuJAOwkhcEOCae%2Bc0y37F2s0%2FSQ3t2mGXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

POST
H2 200 optin-visitor Show response
api.cleverpush.com/channel/ 16 B
380 B 170ms
169ms Fetch
application/json 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cT248fsBnsww5uqef.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json
Referer: https://se1.afreegiftforme.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 Jul 2023 13:38:12 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server: cleverpush-worker-3
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkiI93h%2BWNubYQgskZogGrCa4R5UuWTRbJ2Uk%2BHcEZKpQmgiroRHeHAvfbmYLrozKuXoE8KLEQgi60eT%2FYEY2zeH347kYB0zgLAyz%2B6ZzSi9KrNwQsO4Jrs%2Fs%2FjRCbxYRJypSIy9TwhFglGHVr44Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache
cf-ray: 7ecd0aa898b267b4-MIA
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language

GET
H2 200 banner Show response
www.sovendus-connect.com/banner/api/ Frame 4516 40 KB
15 KB 2337ms
468ms Document
text/html 46.167.166.60

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sovendus-connect.com/banner/api/banner?timestamp=%201690378686&publisherId=419&trafficMediumNumber=2&trafficSourceNumber=5851&sovToken=R6PWtQqV8TisxsvAJMI5rXHMwlTgdsTQjhZQrYuXo4Y18S3zbPNhbz3GpzVtv3uRrr7ijPTbPXOUDbYx5nGA1Rp39rO1kw2HhpT-N30&sessionUuid=e0e16957-9086-4c7e-8642-71a24beb67bf&format=ssr&identifier=ident_3486725282654355&sessionId=45e6e23ada700e3dbcbda9680040d1be&processInstanceUuid=24a8f599-a458-54f4-9e9c-840f8ee4596a

Requested by

Host: api.sovendus.com
URL: https://api.sovendus.com/js/sovendus.js?v=a5922b27-561c-4afc-ad9e-21f545601fc8

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

46.167.166.60 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

d7db4bddbd3b3bc3006ecfaac68b5eddd33917f43a343b04c3862ae8f81a963b

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' https://.sovendus.com; base-uri 'self'; form-action 'none'; font-src 'self' https://.sovendus.com; img-src 'self' data: https://.sovendus.com; object-src 'none'; script-src 'self' 'unsafe-inline' https://.sovendus.com; style-src 'self' 'unsafe-inline' https://*.sovendus.com; report-uri https://csp.sovendus.com/report
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://se1.afreegiftforme.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src https: 'self' https://*.sovendus.com; base-uri 'self'; form-action 'none'; font-src 'self' https://*.sovendus.com; img-src 'self' data: https://*.sovendus.com; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.sovendus.com; style-src 'self' 'unsafe-inline' https://*.sovendus.com; report-uri https://csp.sovendus.com/report
content-type: text/html
date: Wed, 26 Jul 2023 13:38:14 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 track-first-paint
press-tracking-api.sovendus.com/ 0
248 B 401ms
205ms Ping
text/plain 46.167.166.60

General

Check archive.org

Show headers Download Go to

Full URL

https://press-tracking-api.sovendus.com/track-first-paint

Requested by

Host: api.sovendus.com
URL: https://api.sovendus.com/js/sovendus.js?v=a5922b27-561c-4afc-ad9e-21f545601fc8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.167.166.60 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://se1.afreegiftforme.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 26 Jul 2023 13:38:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
vary: Origin
access-control-allow-origin: https://se1.afreegiftforme.com
cache-control: no-cache, private
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

OPTIONS
H3 200 confirm-alert
api.cleverpush.com/channel/ Frame 0
0 161ms
160ms Preflight
application/json 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://se1.afreegiftforme.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7ecd0aabaa33daed-MIA
content-length: 0
content-type: application/json; charset=utf-8
date: Wed, 26 Jul 2023 13:38:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R19tx5nVrDozgDHfVNar8PMtBWwcmTnrZ7nGKvCkcnD6JcszGRDnG6jF6yH%2BvZZmz%2BAqJ5ENEOonCTvMgi9iz1paZ6Egx01LPgri%2BnXQ5%2BqnkejyFsSS4z96SUskizkCzrNH7VlnXInWZ9W%2B4qO5lg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

POST
H3 200 confirm-alert Show response
api.cleverpush.com/channel/ 16 B
592 B 158ms
157ms Fetch
application/json 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cT248fsBnsww5uqef.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json
Referer: https://se1.afreegiftforme.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 Jul 2023 13:38:12 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server: cleverpush-worker-3
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xlpic3hOukgYb6yXOCHwp62EpCuGiSU7epGe141pTkVUeQh%2FgR8KsG9QegQoptR6M8NCunFX1TUUFCCHUnVZIHTgAIihjZBBtg5NBwXYUz2cLt8lNvEBk3oyhXhakSxhgh3N33E3RVNZvTpf1y59Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache
cf-ray: 7ecd0aacab6bdaed-MIA
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language

GET
H3 200 zBgF9w7eNr8ziuuZr.png
static.cleverpush.com/notification/icon/ 30 KB
30 KB 56ms
54ms Image
image/png 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cleverpush.com/notification/icon/zBgF9w7eNr8ziuuZr.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8993311f2aa39f5927121fd50ba0f9760949762ec54455451be000f0c21f22f0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://se1.afreegiftforme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:38:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KHTH52DZ0CEN1P2W
age: 3036
alt-svc: h3=":443"; ma=86400
content-length: 30249
x-amz-id-2: UqQGx1Fsgo37EU3eRWkPtZbMb4EY/JCfTkRh97Edqen9+gsiC+jt9LrE+LlL1FDS9PSjzt23kSI=
last-modified: Tue, 21 Sep 2021 14:43:03 GMT
server: cloudflare
etag: "b887b19cc7e31cdb27b16d9bba043ec5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdS6B%2ByDW8KsT5eWGnIr9azC89HFYV7S%2BjkJ9FPDESpB0M3lVlKPASy%2Bc7bWwnI4EhHff%2FpxUN66Sfbjw1UzV4Cvw5g3juk8V%2FQBrNrF6vS7eY4jC3FpXcwlfX1nA%2BPDcnZ%2B%2F59ZjJrL5RDkWjkyJNzbdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 7ecd0aabaa3a2886-MIA

POST
H2 204 report
csp.sovendus.com/ Frame 4516 0
142 B 1309ms
160ms Other
text/plain 46.167.166.60

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.sovendus.com/report

Requested by

Host: se1.afreegiftforme.com
URL: https://se1.afreegiftforme.com/start_419.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.167.166.60 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sovendus-connect.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 26 Jul 2023 13:38:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			se1.afreegiftforme.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: t321n4hat7g6i3sulsig5o1oc1
			se1.afreegiftforme.com/	1970-01-20 13:33:13	Name: coyoteAffiliTokenId419 Value: 6674921

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.cleverpush.com
api.sovendus.com
cdnjs.cloudflare.com
csp.sovendus.com
fonts.googleapis.com
fonts.gstatic.com
identification-api.sovendus.com
maxcdn.bootstrapcdn.com
mypixel.golead.systems
press-tracking-api.sovendus.com
se1.afreegiftforme.com
stackpath.bootstrapcdn.com
static.cleverpush.com
swe-pe.mycleverpush.com
www.google.com
www.gstatic.com
www.sovendus-connect.com
116.203.25.165
130.0.76.153
144.76.79.19
178.63.95.88
2606:4700:20::ac43:47b8
2606:4700::6811:190e
2606:4700::6812:bcf
2607:f8b0:4006:80c::200a
2607:f8b0:4006:816::2004
2607:f8b0:4006:820::2003
46.167.166.60
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c436d0064c598e485626d5a46abdefad4ac988537660960bcce9442ce4bae02
201852fc8d1cb080d109f493484aa01c484bd13e5bbc676b62774a3629d9e794
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
328af77f45ba2610b978aae9a730705fb736faaad2d92cd9f4fc2afe28bf59d7
35765eec1f2cb48fbc9f884dbb8ea343dece499d161894b29756a801ad49ba11
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
49c206f904248006e1a6204cf40a9d1976911ee88e4eb4406e9d8783eef4d99c
4ed0c21f2e5d3d18ee695c6c58843b7a7ae9a718645177de763d7e5b1a4fd160
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
540457c838884f5699956bc3204f130c416959c862818719a002ed204cdc0d07
6562ea200bcbe751f7f8a091a6d26f190756e4f44a49a6c8c69cdb3e37ca613f
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
73af61418ca8ea40f925bdd5c5380ee58ca1dc74117b5f9759336570a614aadb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7e4280561c4c84e46b461197ede83b1c954bc967a8f1ea1179eaa6f55844c28e
828d061fc6ee4c45da4fa52015068c44230241d2a9977d85dc7480f106bb8562
8993311f2aa39f5927121fd50ba0f9760949762ec54455451be000f0c21f22f0
940a2780647ad473c6d299a32d22b5adea4ac667fd3adcf46cfe8441dbdaeba7
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
a3f8ae900a60f8116d2017852191edb2c5e465d2b5743d1da0db6591dea85ae5
a63ad5db399cbf133df4954868d069a0438e0f43082a25b09bd884deb1fe77c3
ae7d31a747dd75c5c00702597859f1ee2cc54f5f9b1a243c5498dbf54f444d84
ba6a7eb9acf869a02a1f607e569cb9336d863de1addac148cce418a1e63b9c2a
c72010e02c94dcfe5626eddefc488ecb17590ae2c9e7034f878de6b38ec32f92
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ce88d4544ef3f7bdc2ea36de169a1e364b0f11a19b629c89661ca348a7501317
d7db4bddbd3b3bc3006ecfaac68b5eddd33917f43a343b04c3862ae8f81a963b
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204
e34cc28c89135c2b0c670921036fb262a23a9f688337de5e180a404d84d3ea30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75435a58ee65ed40fe8028ee5f3e3b9f7c4aa9109d796a87af045a89e150818
f459e92156f755e550c50481a3ff763fcdcc6640a9aa32aafffec7aafdadfbcc
f48b19853639a57fddad900cbdd96b50cbeef52114a51aae0c38ef7b296ff71f
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

se1.afreegiftforme.com Open in urlscan Pro 144.76.79.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

55 %IPv6

11 Domains

18 Subdomains

12 IPs

2 Countries

988 kBTransfer

2320 kBSize

2 Cookies

23 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

se1.afreegiftforme.com Open in urlscan Pro
144.76.79.19 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

55 %
IPv6

11
Domains

18
Subdomains

12
IPs

2
Countries

988 kB
Transfer

2320 kB
Size

2
Cookies

42 HTTP transactions
1 data transactions