Submitted URL: http://www.heingiftdec.com/o/17cf1997848d99ea41
Effective URL: https://www.heingiftdec.com/o/17cf1997848d99ea41
Submission: On July 02 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3030::6815:40b1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.heingiftdec.com.
TLS certificate: Issued by WE1 on June 14th 2024. Valid for: 3 months.
This is the only time www.heingiftdec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
20 5
Apex Domain | Subdomains | Transfer
15 heingiftdec.com | www.heingiftdec.com | 122 KB
2 trkinthejun.com | trk.trkinthejun.com | 933 B
2 gstatic.com | fonts.gstatic.com | 16 KB
1 google.com | www.google.com — Cisco Umbrella Rank: 5
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 83 | 872 B
20 5
Domain Requested by
15 www.heingiftdec.com www.heingiftdec.com
2 trk.trkinthejun.com 1 redirects
2 fonts.gstatic.com fonts.googleapis.com
1 www.google.com www.heingiftdec.com
1 fonts.googleapis.com www.heingiftdec.com
20 5

This site contains no links.

Subject | Issuer | Validity | Valid
heingiftdec.com | WE1 | 2024-06-14 - 2024-09-12 | 3 months
upload.video.google.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
*.gstatic.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
*.google.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
trkinthejun.com | WE1 | 2024-06-15 - 2024-09-13 | 3 months

This page contains 2 frames:

Primary Page: https://www.heingiftdec.com/o/17cf1997848d99ea41
Frame ID: 3A1CA4EC7DD8167FED2FC805B4BECC48
Requests: 19 HTTP requests in this frame

Frame: https://www.google.com/
Frame ID: 47CDACA093276C52BEACA736C76CA695
Requests: 1 HTTP requests in this frame

Page Title: Registration

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20 Requests
100 % HTTPS
100 % IPv6
5 Domains
5 Subdomains
5 IPs
2 Countries
139 kB Transfer
524 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.heingiftdec.com/o/17cf1997848d99ea41 HTTP 307
    https://www.heingiftdec.com/o/17cf1997848d99ea41 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://trk.trkinthejun.com/cwv8l4k.php?lp=1&to_offer=1&uclick=ussy1noc HTTP 302
  • https://www.google.com/

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 17cf1997848d99ea41
www.heingiftdec.com/o/
Redirect Chain
  • http://www.heingiftdec.com/o/17cf1997848d99ea41
  • https://www.heingiftdec.com/o/17cf1997848d99ea41
36 KB
7 KB
Document
General
Full URL
https://www.heingiftdec.com/o/17cf1997848d99ea41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:40b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
690cf9463375363765fb6697fa40286b1a91e12d3a9060fb9c8e03810d9f9c55

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89cef7f94ae29012-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 02 Jul 2024 13:26:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ueZYDa3XcyugEbEjZxpEIY2Vfg%2B4vCb%2F1Wm7c3qjhIIz1uhAGEsWBq2x%2BDU6wFSvX5vCPi%2FiNsjtYmcYf4n7VKwpmmW9AZSViIPqTxlivhk3GBOLblUIX%2B4FNnVGOfHOB7HtYB2CzcEzzZ1VD3DhGbET"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://www.heingiftdec.com/o/17cf1997848d99ea41
Non-Authoritative-Reason
HttpsUpgrades
bootstrap5.1.3.min.css
www.heingiftdec.com/static/css/libs/bootstrap/
160 KB
25 KB
Stylesheet
General
Full URL
https://www.heingiftdec.com/static/css/libs/bootstrap/bootstrap5.1.3.min.css
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17cf1997848d99ea41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:40b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heingiftdec.com/o/17cf1997848d99ea41
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 13:26:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 11 Oct 2022 11:29:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ELAg8gQkIrVXm0CHJiBPlunAyzQxs%2Fk%2BlkEMjHkFc5AaptanJKin9cjHFGlnw%2FS2W3VQJIrREcqacYyhBGsGbDsuNVatYydjCmV5kqpPCOO58OON8OnimpDatVZefED6l%2BW0xEJvvHSMXHOtcRTeOXE%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
cf-ray
89cef7fb9dd49012-FRA
alt-svc
h3=":443"; ma=86400
forms_v4.css
www.heingiftdec.com/static/css/dbyyawlw/blank-v13/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.heingiftdec.com/static/css/dbyyawlw/blank-v13/forms_v4.css
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17cf1997848d99ea41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:40b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e35e7f6e3940f7fabc080ed3ae902f04d08342c136ff71a36def858b4cd076a9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heingiftdec.com/o/17cf1997848d99ea41
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 13:26:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 08:53:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aGgGkQQItjkH1pxe%2BW0r8C9KGUZGKDwBThLOAOFrAv3j44fGdoZx9vsW44A9ftS0vmNr8a98ewnNfa%2BlmhV2sQB9FbavRtewYARZ6hOecIsbU%2Bu%2BeV%2BMW8HgJfAB2R%2FwglZfRGy6jr9YlwaYHAxPH94j"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
cf-ray
89cef7fb9dd59012-FRA
alt-svc
h3=":443"; ma=86400
animate3.7.2.min.css
www.heingiftdec.com/static/css/libs/animate/
59 KB
5 KB
Stylesheet
General
Full URL
https://www.heingiftdec.com/static/css/libs/animate/animate3.7.2.min.css
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17cf1997848d99ea41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:40b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b744c626fcfa4bef56fd05420363077d102312466eed3421f4faac27b0b285e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heingiftdec.com/o/17cf1997848d99ea41
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 13:26:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 09 Oct 2022 10:33:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FTvdi5Tyz%2FCYN0sgkX7vZe7Xh3JdWBTAjXG0hJnB4C7h0uNIRThSy2vZZ4eFjKYKYn1nXLh1Gs9VPyarpPmmCYNiE8fgDgZ0vBF65SJPS6CarYNxBPR4ctHfmkWWte3sl4vvmZA8%2FG0vhMUBskaQ1dch"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
cf-ray
89cef7fb9dd79012-FRA
alt-svc
h3=":443"; ma=86400
style.css
www.heingiftdec.com/static/css/dbyyawlw/blank-v13/
10 KB
3 KB
Stylesheet
General
Full URL
https://www.heingiftdec.com/static/css/dbyyawlw/blank-v13/style.css
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17cf1997848d99ea41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:40b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8929976d0a853ac44296d047316314b23bceca41a3c268dffa14f9189ed714f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heingiftdec.com/o/17cf1997848d99ea41
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 13:26:38 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 08:53:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xomtax2exfSn4GtIy7zNOqEigtgnysIAws3%2FmCljS5j8Stp%2Bt3LXTGbygxqrwIKu0cNVyBRVjYA7CCA1lpfIxQIooRpkwcXCDVg2OLej7v5%2FqqC9VVzZVSyLyp0uYcij0OPtT3MMfv5xCvdZsx6ybDkb"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
cf-ray
89cef7fb9ddb9012-FRA
alt-svc
h3=":443"; ma=86400
axios.min.js
www.heingiftdec.com/static/js/
21 KB
9 KB
Script
General
Full URL
https://www.heingiftdec.com/static/js/axios.min.js
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17cf1997848d99ea41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:40b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afb9575ff86d9b7fadf3a95a8b79b17ac7d86fb11d099350691b03a197532856

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heingiftdec.com/o/17cf1997848d99ea41
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 13:26:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 07:27:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rKvQ5hyAm3LKCynTkZuflsqCH2Y5JSQir2flUD4D8NzGdTgnErdZOjSbsBFe5QS6CKRi8xO1iZ6orAXDPYP1OY2l6xmRfJJJCtQZVE59bjZPRDAc2toqslnzP%2F0IOuEMjuyy7OKQc9J32%2FGEJGC3vb%2BQ"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
89cef7fb9ddd9012-FRA
alt-svc
h3=":443"; ma=86400
config.min.js
www.heingiftdec.com/static/js/
2 KB
1 KB
Script
General
Full URL
https://www.heingiftdec.com/static/js/config.min.js
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17cf1997848d99ea41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:40b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd81fee7556209d13ec49fe2cb3832ed19227491fd303e8aeaacbea7ceaf07fe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heingiftdec.com/o/17cf1997848d99ea41
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 13:26:38 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 02 Dec 2022 03:35:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B5KjVE%2F1nBkKpBff3Hma1obhSEoPPts%2FyWjlVfXUFkvzACDNNQTqnl%2Bg70MEHNkILtvocwHEfhRfaund6%2FPRAH1YCWfYjyKc23W50x3%2FbMJUfflRFu0%2FpHu%2Bcap08btj%2BNHorEFZqLbF3l4dcgae9q8h"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
89cef7fb9de19012-FRA
alt-svc
h3=":443"; ma=86400
event_1.min.js
www.heingiftdec.com/static/js/
680 B
779 B
Script
General
Full URL
https://www.heingiftdec.com/static/js/event_1.min.js
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17cf1997848d99ea41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:40b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c091f78cf544069c205b85a85e97c4385e699d05e7cfa1dbd811e4526b04b5a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heingiftdec.com/o/17cf1997848d99ea41
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 13:26:38 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 08 Sep 2022 10:10:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3CwdGirCaFVZ1kLNjSGEVJB18woB4huYHMMt6iLtc4ePa%2Bp8TK5LGdQPL0Y3TbRih0dsbRtNzYjAS36b79PkpiBDnAiX99OFz%2BHkor2Me3ZkOJwUuz4pBL2YSvmJSyywMsoZyYCINwfltotZD8Cfy5jD"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
89cef7fb9de39012-FRA
alt-svc
h3=":443"; ma=86400
jquery.qtip.min.css
www.heingiftdec.com/static/css/libs/jquery/
9 KB
3 KB
Stylesheet
General
Full URL
https://www.heingiftdec.com/static/css/libs/jquery/jquery.qtip.min.css
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17cf1997848d99ea41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:40b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a96f15487ccc31484e0c61f6aeaaad720df349b834201721dcbc35a2cfb8800

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heingiftdec.com/o/17cf1997848d99ea41
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 13:26:38 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 09 Oct 2022 10:33:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QFnCSkRZyyx0sEPYZQDTwKJtpXdQntmgJ1wATVFY6iGp%2FluBboGcYRt2AcORgA7ZAFmdxizgWYuLG4LhEUaoPZvnV%2Fjt956K1j8vU7MU6QHdH%2FGpoiEONyNlUR3kh0vYthLYN5e2JYtBWOjESoEfrSv0"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
cf-ray
89cef7fb9de49012-FRA
alt-svc
h3=":443"; ma=86400
index.css
www.heingiftdec.com/static/css/libs/parsley/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.heingiftdec.com/static/css/libs/parsley/index.css
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17cf1997848d99ea41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:40b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b4ab226e02dd62bd348bf3b84b2ae5312d0dfdfb6db43898180933444a04966

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heingiftdec.com/o/17cf1997848d99ea41
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 13:26:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 02 Nov 2022 08:36:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ViGD4VZzZzV9R59zw%2FpH1b4n1CgPHxMhhd5rAFQ5vzwTPtJopLDYr09g9upIvJTiYtxfB7Vlbw%2BU9hQnQU%2FshA5LxqYoF5dlSscD9hMNU40qAt7vmkmhtn866LFmRw0uJuERCIYX129dsstz25mkhPXq"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
cf-ray
89cef7fb9de79012-FRA
alt-svc
h3=":443"; ma=86400
jquery-3.6.0.min.js
www.heingiftdec.com/static/js/jquery/
87 KB
32 KB
Script
General
Full URL
https://www.heingiftdec.com/static/js/jquery/jquery-3.6.0.min.js
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17cf1997848d99ea41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:40b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heingiftdec.com/o/17cf1997848d99ea41
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 13:26:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 05 Sep 2022 06:37:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j39r8UatO5sdncH7obwu3Nei0QQWB0Y5OtOqbMY5FwVULagIn%2FCWc8rSUOvAql2V7JtJNekloXGSV6QcGMtAWXTRMDOy6MoTGniPitdSUtcmvnE3fJ7Ig9vTiARKZosLQQjtw5ZPjypotZylfdE5vKsW"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
89cef7fb9de89012-FRA
alt-svc
h3=":443"; ma=86400
parsley.js
www.heingiftdec.com/static/js/parsley/
93 KB
25 KB
Script
General
Full URL
https://www.heingiftdec.com/static/js/parsley/parsley.js
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17cf1997848d99ea41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:40b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb4149e7ab26148bf5af37d8c2e0eec0337e549f8e715164b23333b7e1209542

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heingiftdec.com/o/17cf1997848d99ea41
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 13:26:39 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 08 Sep 2022 10:10:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jLvfONifNApuIeZ2QllDmmu3iQC9JvRsDgnrU4GZYua1zXrGMaSH7%2FFUC88p0i8n%2FILgH6eCKHnyloGpeVYen90q%2Bv0mZy1%2F491YiEm9BtykwRjBIsnfsC56n%2Fahl3qNai3%2FxLCQ3Yw4mrcglh1TdHRQ"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
89cef7fb9dea9012-FRA
alt-svc
h3=":443"; ma=86400
validate_card.min.js
www.heingiftdec.com/static/js/parsley/
10 KB
3 KB
Script
General
Full URL
https://www.heingiftdec.com/static/js/parsley/validate_card.min.js
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17cf1997848d99ea41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:40b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a272ef2e37bbbb9be3f5d2a05bfa6d2f1311f0b4bf6cdbaf7eba48bb9a5e9bb5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heingiftdec.com/o/17cf1997848d99ea41
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 13:26:38 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 21 Oct 2022 07:47:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cNT7fuSmQRlnCj1WqIIUjud7aFzpwY2N6AS5gJJZ65qU1Jh1tySLnVxPHoNoGnvXbuMjPICJTA5ZtYgM2eb7NUpeCBKRqcN79e9PTmimDIDvAAaMzjUSM7IPZbclbwqD76ZuNzThsxbGds5W1W0jmwYo"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
89cef7fb9dec9012-FRA
alt-svc
h3=":443"; ma=86400
validate.min.js
www.heingiftdec.com/static/js/parsley/
8 KB
3 KB
Script
General
Full URL
https://www.heingiftdec.com/static/js/parsley/validate.min.js?v=2
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17cf1997848d99ea41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:40b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68423a683e4688bf6386f00694ea562d7522eff56de13932321550cacbe914d4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heingiftdec.com/o/17cf1997848d99ea41
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 13:26:38 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 16 Aug 2023 07:38:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wV1jnKjrdEkMwbpZsFEfT0c1A9%2BUfVKTb0C%2FdrX96yjF0ZiVQK9h2N2l7HTxBYP607miIGqR887ktgJ1Lto30b8uwQR9522ZzTerOVFGPDbG%2FBVbR88mM%2BxMkUX7pEjkfrnGd3EjAXVT8d3rlrc7CoJK"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
89cef7fb9dee9012-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
4 KB
872 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/static/css/dbyyawlw/blank-v13/forms_v4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c62f53db271220ca33087210a3e710f44de1c88231e85c08adc181a482a6b586
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heingiftdec.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jul 2024 13:26:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jul 2024 13:03:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jul 2024 13:26:39 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.heingiftdec.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 16:21:03 GMT
x-content-type-options
nosniff
age
421536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 16:21:03 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.heingiftdec.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:57:16 GMT
x-content-type-options
nosniff
age
412163
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 18:57:16 GMT
/
www.google.com/ Frame 47CD
Redirect Chain
  • https://trk.trkinthejun.com/cwv8l4k.php?lp=1&to_offer=1&uclick=ussy1noc
  • https://www.google.com/
0
0
Document
General
Full URL
https://www.google.com/
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17cf1997848d99ea41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.heingiftdec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
77719
content-security-policy-report-only
object-src 'none';base-uri 'self';script-src 'nonce-b0NPEdDBcdGK0UlD1tVNfQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Tue, 02 Jul 2024 13:26:40 GMT
expires
-1
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89cef8016b36bbf6-ZRH
content-type
text/html; charset=UTF-8
date
Tue, 02 Jul 2024 13:26:39 GMT
location
https://www.google.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PKE%2BZv425cx3m2NPBq5y5bx%2BLmYiSNk%2B3QobRR9FBQzc9NZgeaWp3X4gk8oruMX56I0kA4RimugybvqWZwEMvByQtCqqQh0kwl0NkBVHaTU34w2sbLEGcp30YkuL7u%2BwZhY0GHrqGN%2F%2FVRQxNnV%2B%2Fjsv"}],"group":"cf-nel","max_age":604800}
server
cloudflare
cwv8l4k.php
trk.trkinthejun.com/
0
460 B
Image
General
Full URL
https://trk.trkinthejun.com/cwv8l4k.php?event1=1&uclick=ussy1noc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heingiftdec.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 13:26:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v1K2SxUKgru%2FTfsEf4GbEKmgMaFywGwdq4aTBjzWqz%2BlFihDpzZb7f%2BcwrYVrEiRA%2BCddjbIUewJoGhkq48nPyp0m7f2l5eR%2FBvLUMRPPs7AKiUdLPkcYFxGl%2B%2BT2kUUrsiYgCKtIp4jxjkyhXh5peqg"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
89cef8058e699210-MUC
alt-svc
h3=":443"; ma=86400
favicon.png
www.heingiftdec.com/static/img/dbyyawlw/blank-v13/
3 KB
3 KB
Other
General
Full URL
https://www.heingiftdec.com/static/img/dbyyawlw/blank-v13/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:40b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa53c9b6bf28f2f2b0b90b6dc2e76545be0313993459bbd2da80e152ae974b4e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heingiftdec.com/o/17cf1997848d99ea41
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 13:26:40 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 08:53:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GTYbkcymJY%2BhYhz1OSOdl2zuoff7mG7xWmSt5XHk9W7k4phOTy7NW3tsPmuLWCFkF0i%2BLyTQi4Zz0SA2DU5afLOs37WPw8JXK7rEsaqK%2BF7IE9n4fzN762TCBe5Q6Kf%2B3uBclBOQjTyUOg1vp6fNs%2BUf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89cef8056b169012-FRA
alt-svc
h3=":443"; ma=86400
content-length
2592

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage string| uclick string| uclickhash string| trackingDomain function| _typeof function| axios function| getConfigDomain function| get function| post function| sent function| setLocalData function| getLocalData function| get_lp_uclick function| back function| setFormAction function| oneClick function| jumpOffer function| ijump function| onPage1Submit function| $ function| jQuery function| loading function| loaded function| __formSuccess string| __parsley_zip object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley string| errMsg string| lang object| parsleyLangConfig object| parsleyConfig object| localization boolean| __parsleyForm function| debounce function| validAddr function| validZipcode object| log_1719926800196

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
