Submitted URL: http://www.tracepartsonline.net/(S(qfqtucjmaa3bv0uw4bxsr2mm))/redir.aspx?url=http://ginzzines.com/?MjE0MTY4OTIzPTM3OTI1JjMwNjMxN...
Effective URL: https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postbac...
Submission: On March 18 via api from BE

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 34 HTTP transactions. The main IP is 185.3.185.190, located in Germany and belongs to CLARANET-AS ClaraNET LTD, GB. The main domain is www.win-gratis.be.
TLS certificate: Issued by R3 on January 19th 2021. Valid for: 3 months.
This is the only time www.win-gratis.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 84.55.181.107 9003 (ASN-SFR F...)
1 1 191.101.165.107 61317 (ASDETUK h...)
1 23.229.68.7 55286 (SERVER-MANIA)
1 1 65.98.109.153 25653 (FORTRESSITX)
2 3 52.210.134.198 16509 (AMAZON-02)
20 185.3.185.190 8426 (CLARANET-...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
34 7
Domain Requested by
20 www.win-gratis.be www.win-gratis.be
5 www.google.com www.win-gratis.be
www.gstatic.com
www.google.com
4 www.gstatic.com www.google.com
www.gstatic.com
3 mail.hodtd.com 2 redirects margtons.com
2 fonts.gstatic.com www.google.com
2 www.tracepartsonline.net 2 redirects
1 static.cleverpush.com www.win-gratis.be
1 goldtimexgroup.com 1 redirects
1 margtons.com
1 ginzzines.com 1 redirects
34 10

This site contains links to these domains. Also see Links.

Domain
trk.adstrck123.com
Subject Issuer Validity Valid
www.margtons.com
Go Daddy Secure Certificate Authority - G2
2021-01-13 -
2022-01-13
a year crt.sh
mail.hodtd.com
Amazon
2021-01-19 -
2022-02-16
a year crt.sh
www.win-gratis.be
R3
2021-01-19 -
2021-04-19
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-12 -
2021-08-12
a year crt.sh
www.google.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.google.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
Frame ID: 1C2EF70CF7CD70F202D2E6EF5DA7AAF4
Requests: 23 HTTP requests in this frame

Frame: https://www.win-gratis.be/sc/WgsgrRgzGoMgiRxoyqQiPhGiilzkrQljhgjmGwoylOjwowhzwgiLzopsXhwxsiynyMkowoLiirkkwqlgPhqRgzGoMiMowwloxiuLoLzishwmrpjnsLpqvOMgigxwQrikmhvwgMqlykJkmQilzmQgkrlskoGlzvgilyIikoGgLggiRkgwthiKgmimzzmGthjGrQlgwhxJKKjishwmpKnimPwIkLpxskMjiLNgskKmgKxwssMuotrjskMIkpugLOPrvtKQqoxmNgQlytgGvJnxIKmjKwO
Frame ID: BCCDEA3D349423813E5FAD09514FC287
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZjocUAAAAAFwSSaFlUcH6p5zkyiZzZNEZxQMf&co=aHR0cHM6Ly93d3cud2luLWdyYXRpcy5iZTo0NDM.&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=mljyddty4155
Frame ID: 52AE746D52349CBB14A321421499ADBB
Requests: 9 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.tracepartsonline.net/(S(qfqtucjmaa3bv0uw4bxsr2mm))/redir.aspx?url=http://ginzzines.com/?MjE0MTY4O... HTTP 301
    https://www.tracepartsonline.net/(S(qfqtucjmaa3bv0uw4bxsr2mm))/redir.aspx?url=http://ginzzines.com/?MjE0MTY4O... HTTP 302
    http://ginzzines.com/?MjE0MTY4OTIzPTM3OTI1JjMwNjMxNTI9MTkxJjE9Y2xpY2smaTNsdnpvPTQmbGlkPTkzOTc= HTTP 302
    https://margtons.com/ff62f9ee655e9ce000//191_65.60.0.52_1_89.249.64.171/214168923_3063152_9397 Page URL
  2. https://goldtimexgroup.com/r/e214c48c-d416-400a-8359-4f491c785bc5/471105/1024450486/ HTTP 302
    https://mail.hodtd.com/aff_c?offer_id=16284&aff_id=13200&url_id=21851&aff_sub=17S&aff_sub2=0104824f... HTTP 302
    https://mail.hodtd.com/aff_r?offer_id=16284&aff_id=13200&url=https%3A%2F%2Fwww.win-gratis.be%2Fcgi-... Page URL
  3. https://mail.hodtd.com/aff_r?offer_id=16284&aff_id=13200&redirect_pass=1&url=https%3A%2F%2Fwww.win-... HTTP 302
    https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=1320... Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Page Statistics

34
Requests

100 %
HTTPS

40 %
IPv6

9
Domains

10
Subdomains

7
IPs

4
Countries

831 kB
Transfer

1943 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.tracepartsonline.net/(S(qfqtucjmaa3bv0uw4bxsr2mm))/redir.aspx?url=http://ginzzines.com/?MjE0MTY4OTIzPTM3OTI1JjMwNjMxNTI9MTkxJjE9Y2xpY2smaTNsdnpvPTQmbGlkPTkzOTc= HTTP 301
    https://www.tracepartsonline.net/(S(qfqtucjmaa3bv0uw4bxsr2mm))/redir.aspx?url=http://ginzzines.com/?MjE0MTY4OTIzPTM3OTI1JjMwNjMxNTI9MTkxJjE9Y2xpY2smaTNsdnpvPTQmbGlkPTkzOTc= HTTP 302
    http://ginzzines.com/?MjE0MTY4OTIzPTM3OTI1JjMwNjMxNTI9MTkxJjE9Y2xpY2smaTNsdnpvPTQmbGlkPTkzOTc= HTTP 302
    https://margtons.com/ff62f9ee655e9ce000//191_65.60.0.52_1_89.249.64.171/214168923_3063152_9397 Page URL
  2. https://goldtimexgroup.com/r/e214c48c-d416-400a-8359-4f491c785bc5/471105/1024450486/ HTTP 302
    https://mail.hodtd.com/aff_c?offer_id=16284&aff_id=13200&url_id=21851&aff_sub=17S&aff_sub2=0104824f-99ac-4c67-913b-a029d40327b2 HTTP 302
    https://mail.hodtd.com/aff_r?offer_id=16284&aff_id=13200&url=https%3A%2F%2Fwww.win-gratis.be%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D304%26wingame_pk%3D74%26freetest_pk%3D1300%26sub_id%3D13200-17S%26sub_id_postback%3D1020098b742e4da470d00b0f9a56d5&urlauth=795264160853183550653164660748 Page URL
  3. https://mail.hodtd.com/aff_r?offer_id=16284&aff_id=13200&redirect_pass=1&url=https%3A%2F%2Fwww.win-gratis.be%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D304%26wingame_pk%3D74%26freetest_pk%3D1300%26sub_id%3D13200-17S%26sub_id_postback%3D1020098b742e4da470d00b0f9a56d5&urlauth=795264160853183550653164660748 HTTP 302
    https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.tracepartsonline.net/(S(qfqtucjmaa3bv0uw4bxsr2mm))/redir.aspx?url=http://ginzzines.com/?MjE0MTY4OTIzPTM3OTI1JjMwNjMxNTI9MTkxJjE9Y2xpY2smaTNsdnpvPTQmbGlkPTkzOTc= HTTP 301
  • https://www.tracepartsonline.net/(S(qfqtucjmaa3bv0uw4bxsr2mm))/redir.aspx?url=http://ginzzines.com/?MjE0MTY4OTIzPTM3OTI1JjMwNjMxNTI9MTkxJjE9Y2xpY2smaTNsdnpvPTQmbGlkPTkzOTc= HTTP 302
  • http://ginzzines.com/?MjE0MTY4OTIzPTM3OTI1JjMwNjMxNTI9MTkxJjE9Y2xpY2smaTNsdnpvPTQmbGlkPTkzOTc= HTTP 302
  • https://margtons.com/ff62f9ee655e9ce000//191_65.60.0.52_1_89.249.64.171/214168923_3063152_9397
Request Chain 1
  • https://goldtimexgroup.com/r/e214c48c-d416-400a-8359-4f491c785bc5/471105/1024450486/ HTTP 302
  • https://mail.hodtd.com/aff_c?offer_id=16284&aff_id=13200&url_id=21851&aff_sub=17S&aff_sub2=0104824f-99ac-4c67-913b-a029d40327b2 HTTP 302
  • https://mail.hodtd.com/aff_r?offer_id=16284&aff_id=13200&url=https%3A%2F%2Fwww.win-gratis.be%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D304%26wingame_pk%3D74%26freetest_pk%3D1300%26sub_id%3D13200-17S%26sub_id_postback%3D1020098b742e4da470d00b0f9a56d5&urlauth=795264160853183550653164660748

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set 214168923_3063152_9397
margtons.com/ff62f9ee655e9ce000//191_65.60.0.52_1_89.249.64.171/
Redirect Chain
  • http://www.tracepartsonline.net/(S(qfqtucjmaa3bv0uw4bxsr2mm))/redir.aspx?url=http://ginzzines.com/?MjE0MTY4OTIzPTM3OTI1JjMwNjMxNTI9MTkxJjE9Y2xpY2smaTNsdnpvPTQmbGlkPTkzOTc=
  • https://www.tracepartsonline.net/(S(qfqtucjmaa3bv0uw4bxsr2mm))/redir.aspx?url=http://ginzzines.com/?MjE0MTY4OTIzPTM3OTI1JjMwNjMxNTI9MTkxJjE9Y2xpY2smaTNsdnpvPTQmbGlkPTkzOTc=
  • http://ginzzines.com/?MjE0MTY4OTIzPTM3OTI1JjMwNjMxNTI9MTkxJjE9Y2xpY2smaTNsdnpvPTQmbGlkPTkzOTc=
  • https://margtons.com/ff62f9ee655e9ce000//191_65.60.0.52_1_89.249.64.171/214168923_3063152_9397
147 B
441 B
Document
General
Full URL
https://margtons.com/ff62f9ee655e9ce000//191_65.60.0.52_1_89.249.64.171/214168923_3063152_9397
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.229.68.7 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
srv1295.boondocks.live
Software
Apache /
Resource Hash
f7da81653696dd9c40fc877029fec9f117337bae08b858d50d6c00d962cab848

Request headers

Host
margtons.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 16:16:25 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
147
Server
Apache
Set-Cookie
uid17324=1024450486-20210318111625-122809c3c57fa13c8db31627b96ed0f3-; domain=; expires=Sun, 18-Apr-2021 15:16:25 GMT; path=/; SameSite=None; Secure

Redirect headers

Date
Thu, 18 Mar 2021 16:16:25 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Location
https://margtons.com/ff62f9ee655e9ce000//191_65.60.0.52_1_89.249.64.171/214168923_3063152_9397
Content-Length
3
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
aff_r
mail.hodtd.com/
Redirect Chain
  • https://goldtimexgroup.com/r/e214c48c-d416-400a-8359-4f491c785bc5/471105/1024450486/
  • https://mail.hodtd.com/aff_c?offer_id=16284&aff_id=13200&url_id=21851&aff_sub=17S&aff_sub2=0104824f-99ac-4c67-913b-a029d40327b2
  • https://mail.hodtd.com/aff_r?offer_id=16284&aff_id=13200&url=https%3A%2F%2Fwww.win-gratis.be%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D304%26wingame_pk%3D74%26freetest_pk%3D1300%26sub_id%3D13200-17S%26...
348 B
727 B
Document
General
Full URL
https://mail.hodtd.com/aff_r?offer_id=16284&aff_id=13200&url=https%3A%2F%2Fwww.win-gratis.be%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D304%26wingame_pk%3D74%26freetest_pk%3D1300%26sub_id%3D13200-17S%26sub_id_postback%3D1020098b742e4da470d00b0f9a56d5&urlauth=795264160853183550653164660748
Requested by
Host: margtons.com
URL: https://margtons.com/ff62f9ee655e9ce000//191_65.60.0.52_1_89.249.64.171/214168923_3063152_9397
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.134.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-134-198.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Host
mail.hodtd.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://margtons.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
aff_ran_url_16284=21851; enc_aff_session_16284=ENC03a533b090dafda411d734bbb50609a73a69c61e2e646404d71de3e50185c1a07ee2693b40114c4b38bd83f42063bcbb28a38bb452bef1e1db9cef99fd3a3fa95b5e80815886edc3ca1a59fb6559e55b96817c18517a76c24110cccd3d8c5b3847cb622c775e10f7aab6a5132f777ef6e8dd0c69f58444bf2e37df7430fa46a931b7b3cd0df184c788aaa5462ea0509bb2a61023f96d3c2ff4df9e0ed98aed53c92dc078512ac37573503a67a5154b40657ce7142b0847fc1fa5450bc83681683604149ade; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4OS4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTIiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://margtons.com/ff62f9ee655e9ce000//191_65.60.0.52_1_89.249.64.171/214168923_3063152_9397

Response headers

Server
nginx
Date
Thu, 18 Mar 2021 16:16:26 GMT
Content-Type
text/html
Content-Length
348
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Access-Control-Allow-Origin
*
X-Request-Id
0e79dcf319e6b8f078e76b534c5d6ca3
Access-Control-Allow-Headers
Tune-SDK-Version

Redirect headers

Server
nginx
Date
Thu, 18 Mar 2021 16:16:26 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
458
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
/aff_r?offer_id=16284&aff_id=13200&url=https%3A%2F%2Fwww.win-gratis.be%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D304%26wingame_pk%3D74%26freetest_pk%3D1300%26sub_id%3D13200-17S%26sub_id_postback%3D1020098b742e4da470d00b0f9a56d5&urlauth=795264160853183550653164660748
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Set-Cookie
aff_ran_url_16284=21851; expires=Fri, 19 Mar 2021 16:16:26 GMT; path=/; SameSite=None; Secure enc_aff_session_16284=ENC03a533b090dafda411d734bbb50609a73a69c61e2e646404d71de3e50185c1a07ee2693b40114c4b38bd83f42063bcbb28a38bb452bef1e1db9cef99fd3a3fa95b5e80815886edc3ca1a59fb6559e55b96817c18517a76c24110cccd3d8c5b3847cb622c775e10f7aab6a5132f777ef6e8dd0c69f58444bf2e37df7430fa46a931b7b3cd0df184c788aaa5462ea0509bb2a61023f96d3c2ff4df9e0ed98aed53c92dc078512ac37573503a67a5154b40657ce7142b0847fc1fa5450bc83681683604149ade; expires=Sun, 18 Apr 2021 16:16:26 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4OS4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTIiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Sun, 11 Feb 2024 02:56:26 GMT; path=/; SameSite=None; Secure
Tracking_id
1020098b742e4da470d00b0f9a56d5
X-Robots-Tag
noindex, nofollow
Access-Control-Allow-Origin
*
X-Request-Id
d46929bec466956966d4da49ee909e37
Access-Control-Allow-Headers
Tune-SDK-Version
Primary Request wingame.pl
www.win-gratis.be/cgi-bin/
Redirect Chain
  • https://mail.hodtd.com/aff_r?offer_id=16284&aff_id=13200&redirect_pass=1&url=https%3A%2F%2Fwww.win-gratis.be%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D304%26wingame_pk%3D74%26freetest_pk%3D1300%26sub_i...
  • https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
52 KB
16 KB
Document
General
Full URL
https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
49c8a0ec974fbb12a4613d03a63eba5c601c203379c139d23d12ce6df9be66f5

Request headers

:method
GET
:authority
www.win-gratis.be
:scheme
https
:path
/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://mail.hodtd.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mail.hodtd.com/aff_r?offer_id=16284&aff_id=13200&url=https%3A%2F%2Fwww.win-gratis.be%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D304%26wingame_pk%3D74%26freetest_pk%3D1300%26sub_id%3D13200-17S%26sub_id_postback%3D1020098b742e4da470d00b0f9a56d5&urlauth=795264160853183550653164660748

Response headers

server
nginx
date
Thu, 18 Mar 2021 16:16:26 GMT
content-type
text/html;charset=ISO-8859-1
x-firstpage
0
x-page
reg_half
x-map-context
be
x-served-by
d-03
content-encoding
gzip

Redirect headers

Server
nginx
Date
Thu, 18 Mar 2021 16:16:26 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
354
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
Pragma
no-cache
Access-Control-Allow-Origin
*
X-Request-Id
8a3579a6052a218cac195e6f3572e364
Access-Control-Allow-Headers
Tune-SDK-Version
sweepstake.bundle.css
www.win-gratis.be/dist/74/
102 KB
18 KB
Stylesheet
General
Full URL
https://www.win-gratis.be/dist/74/sweepstake.bundle.css?2021-03-18.3
Requested by
Host: www.win-gratis.be
URL: https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
2aadabb9ec2b67e1cf80dae8b32a6759a076a1ce17977a4678c06411fb559528

Request headers

Referer
https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:16:26 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 09:10:30 GMT
server
nginx
x-map-context
be
etag
W/"601bba06-197db"
x-served-by
d-01
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
expires
Fri, 19 Mar 2021 16:16:26 GMT
MooTools-Core-1.6.0-compressed.js
www.win-gratis.be/_global/js/framework/
88 KB
28 KB
Script
General
Full URL
https://www.win-gratis.be/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2021-03-18.3
Requested by
Host: www.win-gratis.be
URL: https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
be0e66141e099739e90785e74a75e7aba4a5a3aa36c414e867c41f0ced9b0a36

Request headers

Referer
https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:16:26 GMT
content-encoding
gzip
last-modified
Fri, 10 Nov 2017 11:48:17 GMT
server
nginx
x-map-context
be
etag
W/"5a059201-15e64"
x-served-by
d-04
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Fri, 19 Mar 2021 16:16:26 GMT
moolidator.js
www.win-gratis.be/_global/js/
43 KB
8 KB
Script
General
Full URL
https://www.win-gratis.be/_global/js/moolidator.js?2021-03-18.3
Requested by
Host: www.win-gratis.be
URL: https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
43e7a58b43464b2a609b9c8de11c70280749591d10dd82dd016481d36d3d1a28

Request headers

Referer
https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:16:26 GMT
content-encoding
gzip
last-modified
Wed, 06 May 2020 10:20:06 GMT
server
nginx
x-map-context
be
etag
W/"5eb28f56-ab89"
x-served-by
d-01
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Fri, 19 Mar 2021 16:16:26 GMT
moolidator_rules.js
www.win-gratis.be/_global/js/
27 KB
4 KB
Script
General
Full URL
https://www.win-gratis.be/_global/js/moolidator_rules.js?2021-03-18.3
Requested by
Host: www.win-gratis.be
URL: https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
5e08d135223d699871b92ca3ef9797321d19da44ddd939101760e5d19e1b19df

Request headers

Referer
https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:16:26 GMT
content-encoding
gzip
last-modified
Fri, 12 Feb 2021 13:04:28 GMT
server
nginx
x-map-context
be
etag
W/"60267cdc-6dab"
x-served-by
d-02
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Fri, 19 Mar 2021 16:16:26 GMT
scripts.js
www.win-gratis.be/_global/js/
55 KB
13 KB
Script
General
Full URL
https://www.win-gratis.be/_global/js/scripts.js?2021-03-18.3
Requested by
Host: www.win-gratis.be
URL: https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
893b897b8e78f53c2b80dc7158161ad4f0625a85d32513e656a07ba98f7e230a

Request headers

Referer
https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:16:26 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 18:03:04 GMT
server
nginx
x-map-context
be
etag
W/"603694d8-db71"
x-served-by
d-01
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Fri, 19 Mar 2021 16:16:26 GMT
global.js
www.win-gratis.be/wingame/global/js/
3 KB
1 KB
Script
General
Full URL
https://www.win-gratis.be/wingame/global/js/global.js?2021-03-18.3
Requested by
Host: www.win-gratis.be
URL: https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
0eacf1acc388defc553edf087f3b6dba7dce25fde1e20e6ad879078e25e44c8c

Request headers

Referer
https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:16:26 GMT
content-encoding
gzip
last-modified
Fri, 01 May 2020 13:11:44 GMT
server
nginx
x-map-context
be
etag
W/"5eac2010-bc3"
x-served-by
d-02
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Fri, 19 Mar 2021 16:16:26 GMT
series.js
www.win-gratis.be/_global/wingame/76/js/
8 KB
3 KB
Script
General
Full URL
https://www.win-gratis.be/_global/wingame/76/js/series.js?2021-03-18.3
Requested by
Host: www.win-gratis.be
URL: https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
63b93ce6ea02afbc6e0903c0161e37f66370c4f4a286600f8ac9c0c00389bc31

Request headers

Referer
https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:16:26 GMT
content-encoding
gzip
last-modified
Thu, 26 Mar 2020 08:57:19 GMT
server
nginx
x-map-context
be
etag
W/"5e7c6e6f-21e6"
x-served-by
d-03
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Fri, 19 Mar 2021 16:16:26 GMT
sweepstake.js
www.win-gratis.be/wingame/74/js/
2 KB
922 B
Script
General
Full URL
https://www.win-gratis.be/wingame/74/js/sweepstake.js?2021-03-18.3
Requested by
Host: www.win-gratis.be
URL: https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
973366925725b537269434d10ff7ef438b94d040b2e286cd1633901ee998f6e4

Request headers

Referer
https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:16:26 GMT
content-encoding
gzip
last-modified
Mon, 01 Feb 2021 09:07:39 GMT
server
nginx
x-map-context
be
etag
W/"6017c4db-851"
x-served-by
d-03
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Fri, 19 Mar 2021 16:16:26 GMT
OpenSans.css
www.win-gratis.be/_static/_global/_supload/fonts/css/
3 KB
620 B
Stylesheet
General
Full URL
https://www.win-gratis.be/_static/_global/_supload/fonts/css/OpenSans.css
Requested by
Host: www.win-gratis.be
URL: https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
acb3c09bfdccdcfd6ebb1b337fa33a8806a4a637e56cbfabc406daf3895f8656

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:16:26 GMT
content-encoding
gzip
last-modified
Fri, 02 Oct 2020 10:59:36 GMT
server
nginx
etag
W/"476288478"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=86400
expires
Fri, 19 Mar 2021 16:16:26 GMT
switch_language_layer.css
www.win-gratis.be/wingame/global/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.win-gratis.be/wingame/global/css/switch_language_layer.css?2021-03-18.3
Requested by
Host: www.win-gratis.be
URL: https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
d40ce64c2ba48c1eeb3abb28ace2795c26a11c4c11ea711aca706bfea2930ef7

Request headers

Referer
https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:16:26 GMT
content-encoding
gzip
last-modified
Fri, 01 May 2020 13:11:44 GMT
server
nginx
x-map-context
be
etag
W/"5eac2010-aab"
x-served-by
d-01
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
expires
Fri, 19 Mar 2021 16:16:26 GMT
close_icon.svg
www.win-gratis.be/wingame/global/images/
841 B
1 KB
Image
General
Full URL
https://www.win-gratis.be/wingame/global/images/close_icon.svg
Requested by
Host: www.win-gratis.be
URL: https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
d6625aafc5018f0230c6c78dc48379d86ae4ea03dbe7674ace540bf27dd87976

Request headers

Referer
https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:16:26 GMT
last-modified
Fri, 01 May 2020 13:11:44 GMT
server
nginx
x-map-context
be
etag
"5eac2010-349"
x-served-by
d-03
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
content-length
841
expires
Fri, 19 Mar 2021 16:16:26 GMT
image_977_966_1541076080.png
www.win-gratis.be/files/web/freetest/_images/
39 KB
40 KB
Image
General
Full URL
https://www.win-gratis.be/files/web/freetest/_images/image_977_966_1541076080.png
Requested by
Host: www.win-gratis.be
URL: https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e68dd32e587754cc653e0aaaead7ca656358e2c9f3cf9b107781ea771b8d51a

Request headers

Referer
https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:16:26 GMT
last-modified
Thu, 01 Nov 2018 12:41:20 GMT
server
nginx
x-map-context
be
etag
"5bdaf470-9d3c"
x-served-by
d-04
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
40252
expires
Fri, 19 Mar 2021 16:16:26 GMT
J3FLpLWuZXtA74ugc.js
static.cleverpush.com/channel/loader/
457 KB
92 KB
Script
General
Full URL
https://static.cleverpush.com/channel/loader/J3FLpLWuZXtA74ugc.js
Requested by
Host: www.win-gratis.be
URL: https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98bc028510bcf274954a246f55d71bd0933e482ab8f0c97889f06c3d5e22d3c8

Request headers

Referer
https://www.win-gratis.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:16:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4965
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1715H16VRCBQPECB
x-amz-id-2
SrrATyaaFuKdit6W3o2DoKKJAxocGUnW0JKczYS8s1RADvhdjsKVOR7CcHeYYMbUzuMl1xgNuS0=
last-modified
Thu, 18 Mar 2021 08:48:22 GMT
server
cloudflare
etag
W/"c97ffc643501e07fe2869b919879520c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7vnR7BlbHtjRNd309m7%2FjBwbsLR1cAc%2FjvnDzmQMn0UTV18ykqpnLo8bt8CaBpi%2Fee90EFfLO2KuTl8NSGdos3lkUL1hrorE2Kg7fC0Cpu0MhW0UmKqxWwDhYuyIW8bzUQM%3D"}]}
content-type
application/javascript
cache-control
public, max-age=5356800
cf-request-id
08e7b8cf7f00004e8ccb31f000000001
cf-ray
631fc3f8cb6b4e8c-FRA
api.js
www.google.com/recaptcha/
944 B
711 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=recaptchaCallBack&render=6LfZjocUAAAAAFwSSaFlUcH6p5zkyiZzZNEZxQMf
Requested by
Host: www.win-gratis.be
URL: https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
87d9f19f97beacfff4c1a9907d363ec7417958eb4257091b05bf36f7bd4fdd11
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.win-gratis.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:16:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
609
x-xss-protection
1; mode=block
expires
Thu, 18 Mar 2021 16:16:27 GMT
bgMediastore.jpg
www.win-gratis.be/_static/_global/_supload/ctn/
125 KB
125 KB
Image
General
Full URL
https://www.win-gratis.be/_static/_global/_supload/ctn/bgMediastore.jpg
Requested by
Host: www.win-gratis.be
URL: https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
ed77b05b758127173f1acdb68484cdaee345d21422ea233206282ce8be15d896

Request headers

Referer
https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:16:26 GMT
last-modified
Tue, 02 Feb 2021 12:20:26 GMT
server
nginx
etag
"1868320131"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
127919
expires
Fri, 19 Mar 2021 16:16:26 GMT
OpenSans-Regular.woff2
www.win-gratis.be/_static/_global/_supload/fonts/
44 KB
44 KB
Font
General
Full URL
https://www.win-gratis.be/_static/_global/_supload/fonts/OpenSans-Regular.woff2
Requested by
Host: www.win-gratis.be
URL: https://www.win-gratis.be/_static/_global/_supload/fonts/css/OpenSans.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
408fe165dff48eb2f8cb3a2fcbc1dd92b94d56b4ab11813be55c776871c691cf

Request headers

Origin
https://www.win-gratis.be
Referer
https://www.win-gratis.be/_static/_global/_supload/fonts/css/OpenSans.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:16:26 GMT
last-modified
Thu, 24 Sep 2020 13:54:25 GMT
server
nginx
etag
"2103964994"
content-type
font/woff2
cache-control
max-age=86400
accept-ranges
bytes
content-length
44648
expires
Fri, 19 Mar 2021 16:16:26 GMT
OpenSans-ExtraBold.woff2
www.win-gratis.be/_static/_global/_supload/fonts/
45 KB
45 KB
Font
General
Full URL
https://www.win-gratis.be/_static/_global/_supload/fonts/OpenSans-ExtraBold.woff2
Requested by
Host: www.win-gratis.be
URL: https://www.win-gratis.be/_static/_global/_supload/fonts/css/OpenSans.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
e4e178ca4ff7fded30cca5eecc4c88748e5ee4580eeeee097bcc3bb1c8dfaed1

Request headers

Origin
https://www.win-gratis.be
Referer
https://www.win-gratis.be/_static/_global/_supload/fonts/css/OpenSans.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:16:27 GMT
last-modified
Thu, 24 Sep 2020 13:54:24 GMT
server
nginx
etag
"1592293359"
content-type
font/woff2
cache-control
max-age=86400
accept-ranges
bytes
content-length
46188
expires
Fri, 19 Mar 2021 16:16:27 GMT
OpenSans-Bold.woff2
www.win-gratis.be/_static/_global/_supload/fonts/
45 KB
46 KB
Font
General
Full URL
https://www.win-gratis.be/_static/_global/_supload/fonts/OpenSans-Bold.woff2
Requested by
Host: www.win-gratis.be
URL: https://www.win-gratis.be/_static/_global/_supload/fonts/css/OpenSans.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
46b518780343f2262e168bea5146d1ff30a6253191cc61b486657c76a58fb2bb

Request headers

Origin
https://www.win-gratis.be
Referer
https://www.win-gratis.be/_static/_global/_supload/fonts/css/OpenSans.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:16:27 GMT
last-modified
Thu, 24 Sep 2020 13:54:24 GMT
server
nginx
etag
"4253221987"
content-type
font/woff2
cache-control
max-age=86400
accept-ranges
bytes
content-length
46460
expires
Fri, 19 Mar 2021 16:16:27 GMT
WgsgrRgzGoMgiRxoyqQiPhGiilzkrQljhgjmGwoylOjwowhzwgiLzopsXhwxsiynyMkowoLiirkkwqlgPhqRgzGoMiMowwloxiuLoLzishwmrpjnsLpqvOMgigxwQrikmhvwgMqlykJkmQilzmQgkrlskoGlzvgilyIikoGgLggiRkgwthiKgmimzzmGthjGrQlgw...
www.win-gratis.be/sc/ Frame BCCD
246 B
338 B
Document
General
Full URL
https://www.win-gratis.be/sc/WgsgrRgzGoMgiRxoyqQiPhGiilzkrQljhgjmGwoylOjwowhzwgiLzopsXhwxsiynyMkowoLiirkkwqlgPhqRgzGoMiMowwloxiuLoLzishwmrpjnsLpqvOMgigxwQrikmhvwgMqlykJkmQilzmQgkrlskoGlzvgilyIikoGgLggiRkgwthiKgmimzzmGthjGrQlgwhxJKKjishwmpKnimPwIkLpxskMjiLNgskKmgKxwssMuotrjskMIkpugLOPrvtKQqoxmNgQlytgGvJnxIKmjKwO
Requested by
Host: www.win-gratis.be
URL: https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
8fbbb8157697214196aecb7e7da0e61889b77170b7976064f4234a6365f0dfa3

Request headers

:method
GET
:authority
www.win-gratis.be
:scheme
https
:path
/sc/WgsgrRgzGoMgiRxoyqQiPhGiilzkrQljhgjmGwoylOjwowhzwgiLzopsXhwxsiynyMkowoLiirkkwqlgPhqRgzGoMiMowwloxiuLoLzishwmrpjnsLpqvOMgigxwQrikmhvwgMqlykJkmQilzmQgkrlskoGlzvgilyIikoGgLggiRkgwthiKgmimzzmGthjGrQlgwhxJKKjishwmpKnimPwIkLpxskMjiLNgskKmgKxwssMuotrjskMIkpugLOPrvtKQqoxmNgQlytgGvJnxIKmjKwO
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5

Response headers

server
nginx
date
Thu, 18 Mar 2021 16:16:27 GMT
content-type
text/html;charset=ISO-8859-1
x-map-context
be
x-served-by
d-03
content-encoding
gzip
s5-bfp.js
www.win-gratis.be/_global/js/
12 KB
4 KB
Script
General
Full URL
https://www.win-gratis.be/_global/js/s5-bfp.js?6704461533
Requested by
Host: www.win-gratis.be
URL: https://www.win-gratis.be/_global/js/scripts.js?2021-03-18.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
82e17635bd84d9c2f72b3d9ae284d3e84d9d4c990faf27b3ddb4169229f0bcd1

Request headers

Referer
https://www.win-gratis.be/cgi-bin/wingame.pl?partner_pk=304&wingame_pk=74&freetest_pk=1300&sub_id=13200-17S&sub_id_postback=1020098b742e4da470d00b0f9a56d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:16:27 GMT
content-encoding
gzip
last-modified
Thu, 12 Mar 2020 13:46:39 GMT
server
nginx
x-map-context
be
etag
W/"5e6a3d3f-2e71"
x-served-by
d-04
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Fri, 19 Mar 2021 16:16:27 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/
331 KB
130 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaCallBack&render=6LfZjocUAAAAAFwSSaFlUcH6p5zkyiZzZNEZxQMf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.win-gratis.be
Referer
https://www.win-gratis.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 13:47:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8936
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132685
x-xss-protection
0
last-modified
Mon, 15 Mar 2021 04:05:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 13:47:31 GMT
anchor
www.google.com/recaptcha/api2/ Frame 52AE
19 KB
10 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZjocUAAAAAFwSSaFlUcH6p5zkyiZzZNEZxQMf&co=aHR0cHM6Ly93d3cud2luLWdyYXRpcy5iZTo0NDM.&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=mljyddty4155
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
66397f9ec211570a30ff0f9cd5966af1fad89ef6cfa3b79fccfdad78e9d7de6c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xgPeyicV9d7SluYuJvP0IQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LfZjocUAAAAAFwSSaFlUcH6p5zkyiZzZNEZxQMf&co=aHR0cHM6Ly93d3cud2luLWdyYXRpcy5iZTo0NDM.&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=mljyddty4155
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.win-gratis.be/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.win-gratis.be/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 18 Mar 2021 16:16:27 GMT
content-security-policy
script-src 'report-sample' 'nonce-xgPeyicV9d7SluYuJvP0IQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10068
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
WgklzvgilyIgikqkgLgnoMRKkPimwJwwjjyKkLgoIsMirjggskhgGxOIxikimowyLnGixoiGRLGgkhgnOIkosiRghGGtXkowiliirkrisjNunyykpIKnxszoljPLOtIhwQoi
www.win-gratis.be/sc/ Frame BCCD
79 B
269 B
Image
General
Full URL
https://www.win-gratis.be/sc/WgklzvgilyIgikqkgLgnoMRKkPimwJwwjjyKkLgoIsMirjggskhgGxOIxikimowyLnGixoiGRLGgkhgnOIkosiRghGGtXkowiliirkrisjNunyykpIKnxszoljPLOtIhwQoi
Requested by
Host: www.win-gratis.be
URL: https://www.win-gratis.be/sc/WgsgrRgzGoMgiRxoyqQiPhGiilzkrQljhgjmGwoylOjwowhzwgiLzopsXhwxsiynyMkowoLiirkkwqlgPhqRgzGoMiMowwloxiuLoLzishwmrpjnsLpqvOMgigxwQrikmhvwgMqlykJkmQilzmQgkrlskoGlzvgilyIikoGgLggiRkgwthiKgmimzzmGthjGrQlgwhxJKKjishwmpKnimPwIkLpxskMjiLNgskKmgKxwssMuotrjskMIkpugLOPrvtKQqoxmNgQlytgGvJnxIKmjKwO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
f925565d71d0205f39767c109555e35cdbfa3a3bece71e737027114758c9d3ab

Request headers

Referer
https://www.win-gratis.be/sc/WgsgrRgzGoMgiRxoyqQiPhGiilzkrQljhgjmGwoylOjwowhzwgiLzopsXhwxsiynyMkowoLiirkkwqlgPhqRgzGoMiMowwloxiuLoLzishwmrpjnsLpqvOMgigxwQrikmhvwgMqlykJkmQilzmQgkrlskoGlzvgilyIikoGgLggiRkgwthiKgmimzzmGthjGrQlgwhxJKKjishwmpKnimPwIkLpxskMjiLNgskKmgKxwssMuotrjskMIkpugLOPrvtKQqoxmNgQlytgGvJnxIKmjKwO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:16:27 GMT
content-type
image/gif
server
nginx
x-map-context
be
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-length
79
x-served-by
d-01
styles__ltr.css
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 52AE
50 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZjocUAAAAAFwSSaFlUcH6p5zkyiZzZNEZxQMf&co=aHR0cHM6Ly93d3cud2luLWdyYXRpcy5iZTo0NDM.&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=mljyddty4155
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:15:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 04:05:18 GMT
server
sffe
age
41
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25479
x-xss-protection
0
expires
Fri, 18 Mar 2022 16:15:46 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 52AE
331 KB
130 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZjocUAAAAAFwSSaFlUcH6p5zkyiZzZNEZxQMf&co=aHR0cHM6Ly93d3cud2luLWdyYXRpcy5iZTo0NDM.&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=mljyddty4155
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 13:47:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8936
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132685
x-xss-protection
0
last-modified
Mon, 15 Mar 2021 04:05:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 13:47:31 GMT
0OkhISzYLxKDNQK93RypyX-IRmM4kzPCiv4AMUMygRQ.js
www.google.com/js/bg/ Frame 52AE
14 KB
6 KB
Script
General
Full URL
https://www.google.com/js/bg/0OkhISzYLxKDNQK93RypyX-IRmM4kzPCiv4AMUMygRQ.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0e921212cd82f12833502bddd1ca9c97f884663389333c28afe003143328114
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZjocUAAAAAFwSSaFlUcH6p5zkyiZzZNEZxQMf&co=aHR0cHM6Ly93d3cud2luLWdyYXRpcy5iZTo0NDM.&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=mljyddty4155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 12:32:11 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 18:00:00 GMT
server
sffe
age
13456
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5793
x-xss-protection
0
expires
Fri, 18 Mar 2022 12:32:11 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 52AE
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 19:52:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
73436
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Wed, 24 Mar 2021 19:52:31 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 52AE
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZjocUAAAAAFwSSaFlUcH6p5zkyiZzZNEZxQMf&co=aHR0cHM6Ly93d3cud2luLWdyYXRpcy5iZTo0NDM.&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=mljyddty4155
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
592502
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Fri, 11 Mar 2022 19:41:25 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 52AE
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZjocUAAAAAFwSSaFlUcH6p5zkyiZzZNEZxQMf&co=aHR0cHM6Ly93d3cud2luLWdyYXRpcy5iZTo0NDM.&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=mljyddty4155
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 19:40:13 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
age
74174
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
expires
Thu, 17 Mar 2022 19:40:13 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 52AE
102 B
157 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZjocUAAAAAFwSSaFlUcH6p5zkyiZzZNEZxQMf&co=aHR0cHM6Ly93d3cud2luLWdyYXRpcy5iZTo0NDM.&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=mljyddty4155
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9c2464add3c699d2be6d7ec889eed8d56ff71327ce4fc9e43955cea79b117fce
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZjocUAAAAAFwSSaFlUcH6p5zkyiZzZNEZxQMf&co=aHR0cHM6Ly93d3cud2luLWdyYXRpcy5iZTo0NDM.&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=mljyddty4155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 16:16:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 18 Mar 2021 16:16:27 GMT
reload
www.google.com/recaptcha/api2/ Frame 52AE
9 KB
7 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LfZjocUAAAAAFwSSaFlUcH6p5zkyiZzZNEZxQMf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c6efddb00b0ceaf1996171b3843fd0cdb602dc41676182093e2b1ba4bcb07aa7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZjocUAAAAAFwSSaFlUcH6p5zkyiZzZNEZxQMf&co=aHR0cHM6Ly93d3cud2luLWdyYXRpcy5iZTo0NDM.&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=mljyddty4155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 18 Mar 2021 16:16:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6720
x-xss-protection
1; mode=block
expires
Thu, 18 Mar 2021 16:16:27 GMT

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| rS string| rI string| pI function| IFrame function| Elements function| Cookie object| MooTools function| typeOf function| instanceOf function| Type object| Browser function| $constructor function| $family function| Class function| Chain function| Events function| Options object| Slick number| uniqueNumber function| $ function| getDocument function| getWindow function| $$ function| addListener function| removeListener function| retrieve function| store function| eliminate function| DOMEvent function| addEvent function| removeEvent function| addEvents function| removeEvents function| fireEvent function| cloneEvents function| getSize function| getScroll function| getScrollSize function| getPosition function| getCoordinates function| getHeight function| getWidth function| getScrollTop function| getScrollLeft function| getScrollHeight function| getScrollWidth function| getTop function| getLeft function| Fx string| user_device_type function| Moolidator_Lite object| moolidator_lite_rules object| mooli object| moolidator_lite_countries object| Maxlength_on_number_fields function| get_parameter function| popunder_on_submit boolean| popmaster function| localStorage_is_supported function| openWindow function| enableFields function| log_misc function| get_enc_type function| isIE object| scroll_into_view function| field_jumper function| backwards_button undefined| trackEvent function| goToNextPageByGoButton function| appendScript function| checkPerformanceEntries object| ab object| log function| toggle function| loadPro6pp function| loadJsFile function| loadCssFile boolean| page_submitted undefined| field_validator string| current_page undefined| scroll_position_x function| iframe_selector function| open_iframe function| open_layer function| initialize_quiz function| initialize_selectedPrize function| add_pop_iframe_closer_events function| setFilledClass object| POPUNDER string| context function| iframeLoaded function| Sponsorlist_sweepstake object| CP object| CleverPush function| cleverPushInitCallback number| create_token_interval function| token_generator function| recaptchaCallBack undefined| dccBts undefined| hlrPingerEvent string| slickid object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| p function| w object| m object| y object| e object| b object| z string| n boolean| A object| x function| forge_sha256 string| canvasData number| c2 number| c1 function| setImmediate function| clearImmediate number| __cleverPushSdkLoadCount object| recaptcha object| closure_lm_337921

1 Cookies

Domain/Path Name / Value
.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AANfN8Rn0h_Q1IO2uFSCzSo1k3kTqePnE-e2CCmsIdbJVw_9S3cKELemNN6QtAcqe9QubRI7NupnTd5yyeFwr1I

1 Console Messages

Source Level URL
Text
console-api error URL: https://static.cleverpush.com/channel/loader/J3FLpLWuZXtA74ugc.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
ginzzines.com
goldtimexgroup.com
mail.hodtd.com
margtons.com
static.cleverpush.com
www.google.com
www.gstatic.com
www.tracepartsonline.net
www.win-gratis.be
185.3.185.190
191.101.165.107
23.229.68.7
2606:4700:20::681a:f1f
2a00:1450:4001:800::2003
2a00:1450:4001:809::2003
2a00:1450:4001:813::2004
52.210.134.198
65.98.109.153
84.55.181.107
0eacf1acc388defc553edf087f3b6dba7dce25fde1e20e6ad879078e25e44c8c
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2aadabb9ec2b67e1cf80dae8b32a6759a076a1ce17977a4678c06411fb559528
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
408fe165dff48eb2f8cb3a2fcbc1dd92b94d56b4ab11813be55c776871c691cf
43e7a58b43464b2a609b9c8de11c70280749591d10dd82dd016481d36d3d1a28
46b518780343f2262e168bea5146d1ff30a6253191cc61b486657c76a58fb2bb
49c8a0ec974fbb12a4613d03a63eba5c601c203379c139d23d12ce6df9be66f5
4e68dd32e587754cc653e0aaaead7ca656358e2c9f3cf9b107781ea771b8d51a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e08d135223d699871b92ca3ef9797321d19da44ddd939101760e5d19e1b19df
63b93ce6ea02afbc6e0903c0161e37f66370c4f4a286600f8ac9c0c00389bc31
66397f9ec211570a30ff0f9cd5966af1fad89ef6cfa3b79fccfdad78e9d7de6c
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
82e17635bd84d9c2f72b3d9ae284d3e84d9d4c990faf27b3ddb4169229f0bcd1
87d9f19f97beacfff4c1a9907d363ec7417958eb4257091b05bf36f7bd4fdd11
893b897b8e78f53c2b80dc7158161ad4f0625a85d32513e656a07ba98f7e230a
8fbbb8157697214196aecb7e7da0e61889b77170b7976064f4234a6365f0dfa3
973366925725b537269434d10ff7ef438b94d040b2e286cd1633901ee998f6e4
98bc028510bcf274954a246f55d71bd0933e482ab8f0c97889f06c3d5e22d3c8
9c2464add3c699d2be6d7ec889eed8d56ff71327ce4fc9e43955cea79b117fce
acb3c09bfdccdcfd6ebb1b337fa33a8806a4a637e56cbfabc406daf3895f8656
b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518
be0e66141e099739e90785e74a75e7aba4a5a3aa36c414e867c41f0ced9b0a36
c6efddb00b0ceaf1996171b3843fd0cdb602dc41676182093e2b1ba4bcb07aa7
d0e921212cd82f12833502bddd1ca9c97f884663389333c28afe003143328114
d40ce64c2ba48c1eeb3abb28ace2795c26a11c4c11ea711aca706bfea2930ef7
d6625aafc5018f0230c6c78dc48379d86ae4ea03dbe7674ace540bf27dd87976
e4e178ca4ff7fded30cca5eecc4c88748e5ee4580eeeee097bcc3bb1c8dfaed1
ed77b05b758127173f1acdb68484cdaee345d21422ea233206282ce8be15d896
f7da81653696dd9c40fc877029fec9f117337bae08b858d50d6c00d962cab848
f925565d71d0205f39767c109555e35cdbfa3a3bece71e737027114758c9d3ab